SAP NetWeaver for Java Application Server - Web Container, (engineapi, versions 7.1, 7.2, 7.3, 7.31, 7.4 and 7.5), (servercode, versions 7.2, 7.3, 7.31, 7.4, 7.5), allows an attacker to upload files (including script files) without proper file format validation.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/109071 | Third Party Advisory VDB Entry |
https://launchpad.support.sap.com/#/notes/2777910 | Permissions Required Vendor Advisory |
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: sap
Published: 2019-07-10T19:09:39
Updated: 2019-07-10T19:09:44
Reserved: 2018-11-26T00:00:00
Link: CVE-2019-0327
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-07-10T20:15:12.060
Modified: 2019-07-18T13:36:16.003
Link: CVE-2019-0327
JSON object: View
Redhat Information
No data.
CWE