SQL Injection Vulnerability in SAP Quality Management Allows Unauthorized Access to Historical Inspection Results

SQL Injection Vulnerability in SAP Quality Management Allows Unauthorized Access to Historical Inspection Results

CVE-2019-0393 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

An SQL Injection vulnerability in SAP Quality Management (corrected in S4CORE versions 1.0, 1.01, 1.02, 1.03) allows an attacker to carry out targeted database queries that can read individual fields of historical inspection results.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.