Unauthenticated Access to SAP NetWeaver Process Integration (Runtime Workbench) Exposes Internal Data

Unauthenticated Access to SAP NetWeaver Process Integration (Runtime Workbench) Exposes Internal Data

CVE-2019-0282 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Several web pages in SAP NetWeaver Process Integration (Runtime Workbench), fixed in versions 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50; can be accessed without user authentication, which might expose internal data like release information, Java package and Java object names which can be misused by the attacker.

Learn more about our Web App Pen Testing.