Vulnerability Name:

CVE-2019-0319 (CCN-166212)

Assigned:2018-11-26
Published:2019-07-09
Updated:2020-08-24
Summary:The SAP Gateway, versions 7.5, 7.51, 7.52 and 7.53, allows an attacker to inject content which is displayed in the form of an error message. An attacker could thus mislead a user to believe this information is from the legitimate service when it's not.
CVSS v3 Severity:7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
7.2 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:H/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): High
Availibility (A): None
4.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)
4.1 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:H/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-79
CWE-74
Vulnerability Consequences:Bypass Security
References:Source: MITRE
Type: CNA
CVE-2019-0319

Source: MISC
Type: Exploit, Third Party Advisory
http://packetstormsecurity.com/files/153661/SAPUI5-1.0.0-SAP-Gateway-7.5-7.51-7.52-7.53-Content-Spoofing.html

Source: BID
Type: Third Party Advisory, VDB Entry
109074

Source: MISC
Type: Third Party Advisory
https://cxsecurity.com/ascii/WLB-2019050283

Source: MISC
Type: Exploit, Third Party Advisory
https://drive.google.com/open?id=1aGFqggvydehSK7MFIsfKW7tO60yiF55f

Source: XF
Type: UNKNOWN
sap-cve20190319-sec-bypass(166212)

Source: CCN
Type: SAP Web site
SAP Support Note 2752614

Source: MISC
Type: Permissions Required, Vendor Advisory
https://launchpad.support.sap.com/#/notes/2752614

Source: MISC
Type: UNKNOWN
https://launchpad.support.sap.com/#/notes/2911267

Source: CCN
Type: SAP Security Patch Day - July 2019
SAP Security Patch Day - July 2019

Source: CONFIRM
Type: Vendor Advisory
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575

Vulnerable Configuration:Configuration 1:
  • cpe:/a:sap:gateway:7.5:*:*:*:*:*:*:*
  • OR cpe:/a:sap:gateway:7.51:*:*:*:*:*:*:*
  • OR cpe:/a:sap:gateway:7.52:*:*:*:*:*:*:*
  • OR cpe:/a:sap:gateway:7.53:*:*:*:*:*:*:*
  • OR cpe:/a:sap:ui5:1.0.0:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:sap:gateway:7.5:*:*:*:*:*:*:*
  • OR cpe:/a:sap:gateway:7.51:*:*:*:*:*:*:*
  • OR cpe:/a:sap:gateway:7.52:*:*:*:*:*:*:*
  • OR cpe:/a:sap:gateway:7.53:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    sap gateway 7.5
    sap gateway 7.51
    sap gateway 7.52
    sap gateway 7.53
    sap ui5 1.0.0
    sap gateway 7.5
    sap gateway 7.51
    sap gateway 7.52
    sap gateway 7.53