CVE-2019-0278 is a vulnerability in SAP Netweaver Process Integration
Published on April 10, 2019
Under certain conditions the Monitoring Servlet of the SAP NetWeaver Process Integration (Messaging System), fixed in versions 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to see the names of database tables used by the application, leading to information disclosure.
Products Associated with CVE-2019-0278
Want to know whenever a new CVE is published for SAP Netweaver Process Integration? stack.watch will email you.
Affected Versions
SAP SE SAP NetWeaver Process Integration (Messaging System):- Version < 7.10 to 7.11 is affected.
- Version < 7.20 is affected.
- Version < 7.30 is affected.
- Version < 7.31 is affected.
- Version < 7.40 is affected.
- Version < 7.50 is affected.
Exploit Probability
EPSS
0.20%
Percentile
41.59%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.