Missing Authorization Check in SAP NetWeaver Process Integration (B2B Toolkit) Allows Unauthorized Import of B2B Table Content

Missing Authorization Check in SAP NetWeaver Process Integration (B2B Toolkit) Allows Unauthorized Import of B2B Table Content

CVE-2019-0367 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

SAP NetWeaver Process Integration (B2B Toolkit), before versions 1.0 and 2.0, does not perform necessary authorization checks for an authenticated user, allowing the import of B2B table content that leads to Missing Authorization Check.

Learn more about our User Device Pen Test.