CVE-2019-0285
First published: Wed Apr 10 2019(Updated: )
The .NET SDK WebForm Viewer in SAP Crystal Reports for Visual Studio (fixed in version 2010) discloses sensitive database information including credentials which can be misused by the attacker.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sap Crystal Reports | =2010 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this SAP Crystal Reports vulnerability?
The vulnerability ID for this SAP Crystal Reports vulnerability is CVE-2019-0285.
What is the severity of CVE-2019-0285?
The severity of CVE-2019-0285 is critical with a score of 9.8.
What is the affected software for CVE-2019-0285?
The affected software for CVE-2019-0285 is SAP Crystal Reports version 2010.
What is the impact of CVE-2019-0285?
CVE-2019-0285 allows an attacker to disclose sensitive database information, including credentials, which can be misused.
How can I fix CVE-2019-0285?
The vulnerability has been fixed in version 2010 of SAP Crystal Reports for Visual Studio. Please update to the latest version to mitigate the risk.
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/sap
- canonical/sap crystal reports
- version/sap crystal reports/2010