SAP NetWeaver Application Server for Java Information Exposure Vulnerability

Summary

Under certain conditions SAP NetWeaver Application Server for Java (Startup Framework), versions 7.21, 7.22, 7.45, 7.49, and 7.53, allows an attacker to access information which would otherwise be restricted

Credit:

The information has been provided by SAP

The original article can be found at:

https://launchpad.support.sap.com/#/notes/2738791

 


Details
SAP Netweaver Application Server Java is prone to an information disclosure vulnerability. An attacker can exploit this issue to gain sensitive information, that may aid in further attacks..
Vulnerable Systems:
SAP NetWeaver Application Server for Java (Startup Framework)

CVE Information:

CVE-2019-0318

Disclosure Timeline:
Published Date:07/16/2019