Vulnerability Name:

CVE-2019-0275 (CCN-158369)

Assigned:2018-11-26
Published:2019-03-12
Updated:2021-09-09
Summary:SAML 1.1 SSO Demo Application in SAP NetWeaver Java Application Server (J2EE-APPS), versions 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40 and 7.50, does not sufficiently encode user-controlled inputs, which results in cross-site scripting (XSS) vulnerability.
CVSS v3 Severity:5.4 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)
5.2 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:H/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): None
7.6 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:L)
7.3 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:L/E:H/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:3.5 Low (CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-79
Vulnerability Consequences:Cross-Site Scripting
References:Source: MITRE
Type: CNA
CVE-2019-0275

Source: BID
Type: Third Party Advisory, VDB Entry
107362

Source: XF
Type: UNKNOWN
sap-cve20190275-xss(158369)

Source: CCN
Type: SAP Web site
SAP Support Note 2689925

Source: MISC
Type: Permissions Required, Vendor Advisory
https://launchpad.support.sap.com/#/notes/2689925

Source: CCN
Type: SAP Security Patch Day – March 2019
SAP Security Patch Day – March 2019

Source: MISC
Type: Vendor Advisory
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=515408080

Vulnerable Configuration:Configuration 1:
  • cpe:/a:sap:netweaver_application_server_java:*:*:*:*:*:*:*:* (Version >= 7.10 and <= 7.11)
  • OR cpe:/a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*
  • OR cpe:/a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*
  • OR cpe:/a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*
  • OR cpe:/a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*
  • OR cpe:/a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    sap netweaver application server java *
    sap netweaver application server java 7.20
    sap netweaver application server java 7.30
    sap netweaver application server java 7.31
    sap netweaver application server java 7.40
    sap netweaver application server java 7.50