Missing Authentication Check in SAP Process Integration B2B Add-On with BouncyCastle Security Provider

Missing Authentication Check in SAP Process Integration B2B Add-On with BouncyCastle Security Provider

CVE-2019-0379 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

SAP Process Integration, business-to-business add-on, versions 1.0, 2.0, does not perform authentication check properly when the default security provider is changed to BouncyCastle (BC), leading to Missing Authentication Check

Learn more about our Web Application Penetration Testing UK.