(CVE-2019-0285) - SecureMisr identifies a high risk vulnerability impacting SAP Crystal Reports

from : April 11, 2019 to: April 11, 2019

SAP April 2019 Security Patch Day addressed a High risk information disclosure issue in Crystal Reports tracked as CVE-2019-0285 (CVSS Base Score: 7.5). The vulnerability could allow an attacker to access details such as Database Credentials, system data, debugging information, and other information.

This vulnerability has been reported by SecureMisr’s consultant and researcher Mohamed Fouad

SecureMisr is making this disclosure in accordance with its responsible disclosure practices after a fix has been released by SAP.

References:
https://erpscan.io/press-center/blog/sap-cyber-threat-intelligence-report-april-2019/ 
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=517899114