Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-0338 | 1 Sap | 1 Gateway | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
During an OData V2/V4 request in SAP Gateway, versions 750, 751, 752, 753, the HTTP Header attributes cache-control and pragma were not properly set, allowing an attacker to access restricted information, resulting in Information Disclosure. | |||||
CVE-2019-0319 | 1 Sap | 2 Gateway, Ui5 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
The SAP Gateway, versions 7.5, 7.51, 7.52 and 7.53, allows an attacker to inject content which is displayed in the form of an error message. An attacker could thus mislead a user to believe this information is from the legitimate service when it's not. |