SAP NetWeaver AS ABAP Platform Privilege Escalation Vulnerability

SAP NetWeaver AS ABAP Platform Privilege Escalation Vulnerability

CVE-2019-0255 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:N

SAP NetWeaver AS ABAP Platform, Krnl64nuc 7.74, krnl64UC 7.73, 7.74, Kernel 7.73, 7.74, 7.75, fails to validate type of installation for an ABAP Server system correctly. That behavior may lead to situation, where business user achieves access to the full SAP Menu, that is 'Easy Access Menu'. The situation can be misused by any user to leverage privileges to business functionality.

Learn more about our Cis Benchmark Audit For Server Software.