← back
CVE-2019-0327

CVE-2019-0327

EPSS 2.1%
SAP NetWeaver for Java Application Server - Web Container, (engineapi, versions 7.1, 7.2, 7.3, 7.31, 7.4 and 7.5), (servercode, versions 7.2, 7.3, 7.31, 7.4, 7.5), allows an attacker to upload files (including script files) without proper file format validation.
Affected products
SAP SE · SAP NetWeaver for Java Application Server - Web Container (engineapi)SAP SE · SAP NetWeaver for Java Application Server - Web Container (servercode)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://launchpad.support.sap.com/#/notes/2777910https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575http://www.securityfocus.com/bid/109071