Back to search
CVE-2019-0330
Published: Jul 10, 2019
Modified: Aug 4, 2024
PUBLISHED
Description
The OS Command Plugin in the transaction GPA_ADMIN and the OSCommand Console of SAP Diagnostic Agent (LM-Service), version 7.2, allow an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application.
| Vendor | Product | Versions |
|---|---|---|
SAP SE | SAP Diagnostic Agent (LM-Service) | affected < 7.20 |
References
109068
vdb-entry
x_refsource_BID
https://launchpad.support.sap.com/#/notes/2808158
x_refsource_MISC
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now