cvelist/2019/0xxx/CVE-2019-0312.json

{
	"data_type": "CVE",
	"data_format": "MITRE",
	"data_version": "4.0",
	"CVE_data_meta": {
		"ID": "CVE-2019-0312",
		"ASSIGNER": "cna@sap.com"
	},
	"affects": {
		"vendor": {
			"vendor_data": [
				{
					"vendor_name": "SAP SE",
					"product": {
						"product_data": [
							{
								"product_name": "SAP NetWeaver Process Integration(SAP_XIESR)",
								"version": {
									"version_data": [
										{
											"version_name": "<",
											"version_value": "7.10 to 7.11"
										},
										{
											"version_name": "<",
											"version_value": "7.20"
										},
										{
											"version_name": "<",
											"version_value": "7.30"
										},
										{
											"version_name": "<",
											"version_value": "7.31"
										},
										{
											"version_name": "<",
											"version_value": "7.40"
										},
										{
											"version_name": "<",
											"version_value": "7.50"
										}
									   ]
									}
								  },	{
								"product_name": "SAP NetWeaver Process Integration(SAP_XITOOL)",
								"version": {
									"version_data": [
										{
											"version_name": "<",
											"version_value": "7.10 to 7.11"
										},
										{
											"version_name": "<",
											"version_value": "7.30"
										},
										{
											"version_name": "<",
											"version_value": "7.31"
										},
										{
											"version_name": "<",
											"version_value": "7.40"
										},
										{
											"version_name": "<",
											"version_value": "7.50"
										}
									   ]
									}
								  }
						]
					}
				}
			]
		}
	},
	 "description": {
      "description_data": [
         {
            "lang": "eng",
            "value": "Several web pages provided SAP NetWeaver Process Integration (versions: SAP_XIESR: 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50 and SAP_XITOOL: 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50) are not password protected. An attacker could access landscape information like host names, ports or other technical data in the absence of restrictive firewall and port settings."
         }
      ]
   },
	
	
	"problemtype":{
		"problemtype_data":[
			{
				"description":[
					{
						"lang": "eng",
						"value":"Information Disclosure"
					}
				]
			}
		]
	},
	"references":{
		"reference_data":[
			{
				"url":"https://launchpad.support.sap.com/#/notes/2744086"
			},
			{
				"url":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=521864242"
			}
		]
	}
}
- Synchronized data. 2018-11-26 08:03:09 -05:00			`{`
merging publication request. 2019-06-12 10:39:52 -04:00			`"data_type": "CVE",`
			`"data_format": "MITRE",`
			`"data_version": "4.0",`
			`"CVE_data_meta": {`
			`"ID": "CVE-2019-0312",`
			`"ASSIGNER": "cna@sap.com"`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"vendor_name": "SAP SE",`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "SAP NetWeaver Process Integration(SAP_XIESR)",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_name": "<",`
			`"version_value": "7.10 to 7.11"`
			`},`
			`{`
			`"version_name": "<",`
			`"version_value": "7.20"`
			`},`
			`{`
			`"version_name": "<",`
			`"version_value": "7.30"`
			`},`
			`{`
			`"version_name": "<",`
			`"version_value": "7.31"`
			`},`
			`{`
			`"version_name": "<",`
			`"version_value": "7.40"`
			`},`
			`{`
			`"version_name": "<",`
			`"version_value": "7.50"`
			`}`
			`]`
			`}`
			`}, {`
			`"product_name": "SAP NetWeaver Process Integration(SAP_XITOOL)",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_name": "<",`
			`"version_value": "7.10 to 7.11"`
			`},`
			`{`
			`"version_name": "<",`
			`"version_value": "7.30"`
			`},`
			`{`
			`"version_name": "<",`
			`"version_value": "7.31"`
			`},`
			`{`
			`"version_name": "<",`
			`"version_value": "7.40"`
			`},`
			`{`
			`"version_name": "<",`
			`"version_value": "7.50"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`},`
			`"description": {`
			`"description_data": [`
			`{`
			`"lang": "eng",`
			`"value": "Several web pages provided SAP NetWeaver Process Integration (versions: SAP_XIESR: 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50 and SAP_XITOOL: 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50) are not password protected. An attacker could access landscape information like host names, ports or other technical data in the absence of restrictive firewall and port settings."`
			`}`
			`]`
			`},`


			`"problemtype":{`
			`"problemtype_data":[`
			`{`
			`"description":[`
			`{`
			`"lang": "eng",`
			`"value":"Information Disclosure"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references":{`
			`"reference_data":[`
			`{`
			`"url":"https://launchpad.support.sap.com/#/notes/2744086"`
			`},`
			`{`
			`"url":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=521864242"`
			`}`
			`]`
			`}`
"-Synchronized-Data." 2019-03-18 00:20:07 +00:00			`}`