BID:106463

SAP Cloud Connector CVE-2019-0246 Multiple Unspecified Security Vulnerabilities

CVE-2019-246 |

Info

SAP Cloud Connector CVE-2019-0246 Multiple Unspecified Security Vulnerabilities

Bugtraq ID:	106463
Class:	Unknown
CVE:	CVE-2019-0246
Remote:	Yes
Local:	No
Published:	Jan 08 2019 12:00AM
Updated:	Jan 08 2019 12:00AM
Credit:	The vendor reported these issues.
Vulnerable:	SAP Cloud Connector 2.11

Not Vulnerable:	SAP Cloud Connector 2.11.3

Discussion

SAP Cloud Connector CVE-2019-0246 Multiple Unspecified Security Vulnerabilities

SAP Cloud Connector is prone to multiple unspecified security vulnerabilities.

An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks.

Versions prior to SAP Cloud Connector 2.11.3 are vulnerable.

Exploit / POC

SAP Cloud Connector CVE-2019-0246 Multiple Unspecified Security Vulnerabilities

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

SAP Cloud Connector CVE-2019-0246 Multiple Unspecified Security Vulnerabilities

Solution:
Updates are available. Please see the references or vendor advisory for more information.

References

SAP Cloud Connector CVE-2019-0246 Multiple Unspecified Security Vulnerabilities

References:

SAP Homepage (SAP)
SAP Security Note 2696233 (SAP)
SAP Security Patch Day �?? January 2019 (SAP)