November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Advisory – CVE-2019-7094 – Adobe Photoshop Arbitrary Code Execution Vulnerability
March 13, 2019Rewterz Threat Advisory – CVE-2019-0275 SAP NetWeaver Java AS Cross Site Scripting Vulnerability
March 13, 2019Rewterz Threat Advisory – CVE-2019-7094 – Adobe Photoshop Arbitrary Code Execution Vulnerability
March 13, 2019Rewterz Threat Advisory – CVE-2019-0275 SAP NetWeaver Java AS Cross Site Scripting Vulnerability
March 13, 2019
Severity
Medium
Analysis Summary
A vulnerability was found in SAP NetWeaver and ABAP Platform (Solution Stack Software). Affected by this issue is some processing of the component ABAP Server. The manipulation as part of a XML Document leads to a privilege escalation vulnerability (XXE).
Impact
- Exposure of sensitive information.
- Denial of service.
Affected Products
SAP NetWeaver ABAP 7.50
SAP NetWeaver ABAP 7.49
SAP NetWeaver ABAP 7.45
SAP NetWeaver ABAP 7.40
SAP NetWeaver ABAP 7.31
SAP NetWeaver ABAP 7.30
SAP NetWeaver ABAP 7.22EXT
SAP NetWeaver ABAP 7.22
SAP NetWeaver ABAP 7.21EXT
SAP NetWeaver ABAP 7.21
SAP NetWeaver ABAP 7.11
SAP NetWeaver ABAP 7.10
SAP NetWeaver ABAP 7.03 Sp4
SAP NetWeaver ABAP 7.02 Sp6
SAP NetWeaver ABAP 7.02
SAP NetWeaver ABAP 7.00
SAP Kernel 7.53
SAP Kernel 7.49
SAP Kernel 7.45
SAP Kernel 7.22
SAP Kernel 7.21
Remediation
Vendor has not released any patches or updates yet.