Vulnerabilites related to SAP SE - SAP Landscape Management enterprise edition
CVE-2019-0380 (GCVE-0-2019-0380)
Vulnerability from cvelistv5
Published
2019-10-08 19:31
Modified
2024-08-04 17:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
Under certain conditions, SAP Landscape Management enterprise edition, before version 3.0, allows custom secure parameters’ default values to be part of the application logs leading to Information Disclosure.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP Landscape Management enterprise edition |
Version: < 3.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:51:26.927Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528123050"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2828682"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP Landscape Management enterprise edition",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 3.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Under certain conditions, SAP Landscape Management enterprise edition, before version 3.0, allows custom secure parameters\u2019 default values to be part of the application logs leading to Information Disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": " Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-08T19:31:03",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528123050"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2828682"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2019-0380",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP Landscape Management enterprise edition",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "3.0"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Under certain conditions, SAP Landscape Management enterprise edition, before version 3.0, allows custom secure parameters\u2019 default values to be part of the application logs leading to Information Disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": " Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528123050",
"refsource": "CONFIRM",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528123050"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2828682",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2828682"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2019-0380",
"datePublished": "2019-10-08T19:31:03",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:51:26.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}