First published: Tue Oct 08 2019(Updated: )
SAP NetWeaver Process Integration (B2B Toolkit), before versions 1.0 and 2.0, does not perform necessary authorization checks for an authenticated user, allowing the import of B2B table content that leads to Missing Authorization Check.
Credit: cna@sap.com
Affected Software | Affected Version | How to fix |
---|---|---|
SAP NetWeaver Process Integration | =1.0 | |
SAP NetWeaver Process Integration | =2.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this SAP NetWeaver Process Integration (B2B Toolkit) vulnerability is CVE-2019-0367.
The severity rating of CVE-2019-0367 is 4.3 (medium).
CVE-2019-0367 allows an authenticated user to import B2B table content without necessary authorization checks, leading to a missing authorization check.
To fix the CVE-2019-0367 vulnerability in SAP NetWeaver Process Integration (B2B Toolkit) version 1.0, update to a patched version provided by SAP.
To fix the CVE-2019-0367 vulnerability in SAP NetWeaver Process Integration (B2B Toolkit) version 2.0, update to a patched version provided by SAP.