CVE-2019-0390: Infoleak
First published: Wed Nov 13 2019(Updated: )
Under certain conditions SAP Data Hub (corrected in DH_Foundation version 2) allows an attacker to access information which would otherwise be restricted. Connection details that are maintained in Connection Manager are visible to users.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP Diagnostics Agent | =7.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2019-0390.
What is the severity of CVE-2019-0390?
CVE-2019-0390 has a severity level of 4.3 (medium).
What is the affected software for CVE-2019-0390?
The affected software for CVE-2019-0390 is SAP Diagnostics Agent version 7.2.
What is the impact of CVE-2019-0390?
Under certain conditions, an attacker can access restricted information in SAP Data Hub, exposing connection details maintained in Connection Manager.
Are there any references for CVE-2019-0390?
Yes, you can find references for CVE-2019-0390 at the following links: [1](https://launchpad.support.sap.com/#/notes/2842034) and [2](https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390).
- collector/nvd-index
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/softwarecombine
- agent/severity
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- agent/description
- agent/event
- vendor/sap
- canonical/sap diagnostics agent
- version/sap diagnostics agent/7.2