SAP NetWeaver Process Integration (B2B Toolkit), before versions 1.0 Missing Authorization Vulnerability

Summary

SAP NetWeaver Process Integration (B2B Toolkit), before versions 1.0 suffers from missing authorization vulnerability 

Credit:

The information has been provided by Vendor

The original article can be found at:https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528123050


Details

SAP NetWeaver Process Integration (B2B Toolkit), before versions 1.0 and 2.0, does not perform necessary authorization checks for an authenticated user, allowing the import of B2B table content that leads to Missing Authorization Check.

Vulnerable Systems:

SAP NetWeaver Process Integration versions 1.0 

CVE Information:

CVE-2019-0367

Disclosure Timeline:
Published Date:10/08/2019