{"containers":{"cna":{"affected":[{"product":"SAP Gateway","vendor":"SAP SE","versions":[{"status":"affected","version":"< 7.5"},{"status":"affected","version":"< 7.51"},{"status":"affected","version":"< 7.52"},{"status":"affected","version":"< 7.53"}]}],"descriptions":[{"lang":"en","value":"The SAP Gateway, versions 7.5, 7.51, 7.52 and 7.53, allows an attacker to inject content which is displayed in the form of an error message. An attacker could thus mislead a user to believe this information is from the legitimate service when it's not."}],"problemTypes":[{"descriptions":[{"description":"Content Injection","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2020-06-09T12:46:08.000Z","orgId":"e4686d1a-f260-4930-ac4c-2f5c992778dd","shortName":"sap"},"references":[{"name":"109074","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/109074"},{"tags":["x_refsource_MISC"],"url":"https://launchpad.support.sap.com/#/notes/2752614"},{"tags":["x_refsource_CONFIRM"],"url":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575"},{"tags":["x_refsource_MISC"],"url":"https://cxsecurity.com/ascii/WLB-2019050283"},{"tags":["x_refsource_MISC"],"url":"https://drive.google.com/open?id=1aGFqggvydehSK7MFIsfKW7tO60yiF55f"},{"tags":["x_refsource_MISC"],"url":"http://packetstormsecurity.com/files/153661/SAPUI5-1.0.0-SAP-Gateway-7.5-7.51-7.52-7.53-Content-Spoofing.html"},{"tags":["x_refsource_MISC"],"url":"https://launchpad.support.sap.com/#/notes/2911267"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cna@sap.com","ID":"CVE-2019-0319","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"SAP Gateway","version":{"version_data":[{"version_name":"<","version_value":"7.5"},{"version_name":"<","version_value":"7.51"},{"version_name":"<","version_value":"7.52"},{"version_name":"<","version_value":"7.53"}]}}]},"vendor_name":"SAP SE"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The SAP Gateway, versions 7.5, 7.51, 7.52 and 7.53, allows an attacker to inject content which is displayed in the form of an error message. An attacker could thus mislead a user to believe this information is from the legitimate service when it's not."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Content Injection"}]}]},"references":{"reference_data":[{"name":"109074","refsource":"BID","url":"http://www.securityfocus.com/bid/109074"},{"name":"https://launchpad.support.sap.com/#/notes/2752614","refsource":"MISC","url":"https://launchpad.support.sap.com/#/notes/2752614"},{"name":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575","refsource":"CONFIRM","url":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575"},{"name":"https://cxsecurity.com/ascii/WLB-2019050283","refsource":"MISC","url":"https://cxsecurity.com/ascii/WLB-2019050283"},{"name":"https://drive.google.com/open?id=1aGFqggvydehSK7MFIsfKW7tO60yiF55f","refsource":"MISC","url":"https://drive.google.com/open?id=1aGFqggvydehSK7MFIsfKW7tO60yiF55f"},{"name":"http://packetstormsecurity.com/files/153661/SAPUI5-1.0.0-SAP-Gateway-7.5-7.51-7.52-7.53-Content-Spoofing.html","refsource":"MISC","url":"http://packetstormsecurity.com/files/153661/SAPUI5-1.0.0-SAP-Gateway-7.5-7.51-7.52-7.53-Content-Spoofing.html"},{"name":"https://launchpad.support.sap.com/#/notes/2911267","refsource":"MISC","url":"https://launchpad.support.sap.com/#/notes/2911267"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T17:44:16.458Z"},"title":"CVE Program Container","references":[{"name":"109074","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/109074"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://launchpad.support.sap.com/#/notes/2752614"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://cxsecurity.com/ascii/WLB-2019050283"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://drive.google.com/open?id=1aGFqggvydehSK7MFIsfKW7tO60yiF55f"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://packetstormsecurity.com/files/153661/SAPUI5-1.0.0-SAP-Gateway-7.5-7.51-7.52-7.53-Content-Spoofing.html"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://launchpad.support.sap.com/#/notes/2911267"}]}]},"cveMetadata":{"assignerOrgId":"e4686d1a-f260-4930-ac4c-2f5c992778dd","assignerShortName":"sap","cveId":"CVE-2019-0319","datePublished":"2019-07-10T18:51:55.000Z","dateReserved":"2018-11-26T00:00:00.000Z","dateUpdated":"2024-08-04T17:44:16.458Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}