← back
CVE-2019-0312

CVE-2019-0312

EPSS 1.1%
Several web pages provided SAP NetWeaver Process Integration (versions: SAP_XIESR: 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50 and SAP_XITOOL: 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50) are not password protected. An attacker could access landscape information like host names, ports or other technical data in the absence of restrictive firewall and port settings.
Affected products
SAP SE · SAP NetWeaver Process Integration(SAP_XIESR)SAP SE · SAP NetWeaver Process Integration(SAP_XITOOL)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://launchpad.support.sap.com/#/notes/2744086https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=521864242