CVE-2019-0403

critical

Description

SAP Enable Now, before version 1911, allows an attacker to input commands into the CSV files, which will be executed when opened, leading to CSV Command Injection.

References

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=533660397

https://launchpad.support.sap.com/#/notes/2845183

Details

Source: Mitre, NVD

Published: 2019-12-11

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.06562

Detections

Analytics