CVE-2019-0330 vulnerability in SAP Products
Published on July 10, 2019
The OS Command Plugin in the transaction GPA_ADMIN and the OSCommand Console of SAP Diagnostic Agent (LM-Service), version 7.2, allow an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application.
Products Associated with CVE-2019-0330
stack.watch emails you whenever new vulnerabilities are published in SAP Diagnostics Agents or SAP Diagnostics Agent. Just hit a watch button to start following.
Affected Versions
SAP SE SAP Diagnostic Agent (LM-Service) Version < 7.20 is affected by CVE-2019-0330Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.