Code Injection Vulnerability in SAP NetWeaver Application Server Java Web Container and SAP-JEECOR

Code Injection Vulnerability in SAP NetWeaver Application Server Java Web Container and SAP-JEECOR

CVE-2019-0355 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

SAP NetWeaver Application Server Java Web Container, ENGINEAPI (before versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) and SAP-JEECOR (before versions 6.40, 7.0, 7.01), allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application.

Learn more about our Web App Pen Testing.