CVE-2019-0349

SAP Kernel (ABAP Debugger), versions KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73, KERNEL 7.21, 7.49, 7.53, 7.73, 7.75, 7.76, 7.77, allows a user to execute ?Go to statement? without possessing the authorization S_DEVELOP DEBUG 02, resulting in Missing Authorization Check

Published : 2019-08-14 15:15 Updated : 2019-10-10 12:08

6.5
CVSS Score More info
Score 6.5 / 10
6.5
Vendor Product Version URI
Sap Advanced Business Application Programming Platform Kernel 7.21 cpe:/a:sap:advanced_business_application_programming_platform_kernel:7.21
Sap Advanced Business Application Programming Platform Kernel 7.21ext cpe:/a:sap:advanced_business_application_programming_platform_kernel:7.21ext
Sap Advanced Business Application Programming Platform Kernel 7.22 cpe:/a:sap:advanced_business_application_programming_platform_kernel:7.22
Sap Advanced Business Application Programming Platform Kernel 7.22ext cpe:/a:sap:advanced_business_application_programming_platform_kernel:7.22ext
Sap Advanced Business Application Programming Platform Kernel 7.49 cpe:/a:sap:advanced_business_application_programming_platform_kernel:7.49
Sap Advanced Business Application Programming Platform Kernel 7.53 cpe:/a:sap:advanced_business_application_programming_platform_kernel:7.53
Sap Advanced Business Application Programming Platform Kernel 7.73 cpe:/a:sap:advanced_business_application_programming_platform_kernel:7.73
Sap Advanced Business Application Programming Platform Kernel 7.75 cpe:/a:sap:advanced_business_application_programming_platform_kernel:7.75
Sap Advanced Business Application Programming Platform Kernel 7.76 cpe:/a:sap:advanced_business_application_programming_platform_kernel:7.76
Sap Advanced Business Application Programming Platform Kernel 7.77 cpe:/a:sap:advanced_business_application_programming_platform_kernel:7.77
  1. Sap (1) Search CVE
    1. Advanced Business Application Programming Platform Kernel (10) Search CVE
      1. 7.21
      2. 7.21ext
      3. 7.22
      4. 7.22ext
      5. 7.49
      6. 7.53
      7. 7.73
      8. 7.75
      9. 7.76
      10. 7.77

CWE

ID Name Description Links
CWE-285 Improper Authorization The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action. CVE

History of changes

Date Event
2019-08-23 17:06
2019-08-14 15:26

New CVE