CVE-2019-0293

medium

Description

Read of RFC destination does not always perform necessary authorization checks, resulting in escalation of privileges to access information on RFC destinations on managed systems and SAP Solution Manager system (ST-PI, before versions 2008_1_700, 2008_1_710, and 740).

References

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=520259032

https://launchpad.support.sap.com/#/notes/2756625

http://www.securityfocus.com/bid/108324

Details

Source: Mitre, NVD

Published: 2019-05-14

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.00232