CVE-2019-0330

The OS Command Plugin in the transaction GPA_ADMIN and the OSCommand Console of SAP Diagnostic Agent (LM-Service), version 7.2, allow an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:sap:diagnostics_agent:7.20:*:*:*:*:*:*:*

History

19 Dec 2023, 15:32

Type Values Removed Values Added
First Time Sap diagnostics Agent
CPE cpe:2.3:a:sap:diagnostics_agents:7.20:*:*:*:*:*:*:* cpe:2.3:a:sap:diagnostics_agent:7.20:*:*:*:*:*:*:*

Information

Published : 2019-07-10 20:15

Updated : 2024-02-28 17:08


NVD link : CVE-2019-0330

Mitre link : CVE-2019-0330

CVE.ORG link : CVE-2019-0330


JSON object : View

Products Affected

sap

  • diagnostics_agent
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')