CVE-2019-0301

Sažetak

Under certain conditions, it is possible to request the modification of role or privilege assignments through SAP Identity Management REST Interface Version 2, which would otherwise be restricted only for viewing.

Reference

https://launchpad.support.sap.com/#/notes/2784307
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=520259032

CVSS

Base:	6.5
Impact:	6.4
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

24-08-2020 - 17:37

Objavljeno

14-05-2019 - 21:29