User Enumeration Vulnerability in SAP Enable Now
CVE-2019-0405
7.5HIGH
What is CVE-2019-0405?
SAP Enable Now prior to version 1911 suffers from a user enumeration vulnerability that allows unauthorized access to sensitive information. An attacker can exploit this flaw to glean details about the existence of specific users in the system, potentially leading to a broader compromise. By systematically querying the application, an attacker may construct a list of valid users, increasing the risk of targeted attacks and further exploitation.
Affected Version(s)
SAP Enable Now before 1911