Information Disclosure in SAP Landscape Management Enterprise Edition

Information Disclosure in SAP Landscape Management Enterprise Edition

CVE-2019-0380 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Under certain conditions, SAP Landscape Management enterprise edition, before version 3.0, allows custom secure parameters’ default values to be part of the application logs leading to Information Disclosure.

Learn more about our Web Application Penetration Testing UK.