CVE-2019-0340 is a vulnerability in SAP Enable Now
Published on August 14, 2019
The XML parser, which is being used by SAP Enable Now, before version 1902, has not been hardened correctly, leading to Missing XML Validation vulnerability. This issue affects the file upload at multiple locations. An attacker can read local XXE files.
Products Associated with CVE-2019-0340
Want to know whenever a new CVE is published for SAP Enable Now? stack.watch will email you.
Affected Versions
SAP SE SAP Enable Now Version < 1902 is affected by CVE-2019-0340Exploit Probability
EPSS
0.13%
Percentile
31.80%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.