Rewterz Threat Advisory – CVE 2019-0351 – SAP NetWeaver UDDI Server Remote Code Execution Vulnerability

Rewterz Threat Advisory – CVE 2019- 11733 – Mozilla Fixes Store Passwords in ‘Saved Logins’ can be copied without master password entry

August 16, 2019

Rewterz Threat Alert – FBR Phishing Campaign Continues to Target Users

August 19, 2019

Rewterz Threat Advisory – CVE 2019-0351 – SAP NetWeaver UDDI Server Remote Code Execution Vulnerability

Severity

High

Analysis Summary

A remote code execution vulnerability exists in the SAP NetWeaver UDDI Server (Services Registry). Because of this, an attacker can exploit Services Registry potentially enabling them to take complete control of the product, including viewing, changing, or deleting data by injecting code into the working memory which is subsequently executed by the application. It can also be used to cause a general fault in the product, causing the product to terminate.

Impact

Remote code execution

Affected Vendors

SAP

Affected Products

SAP NetWeaver UDDI Server Versions – 7.10
7.11
7.20
7.30
7.31
7.40
7.50

Remediation

Please see SAP security patch day for more details:

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017

Rewterz Threat Advisory – CVE 2019- 11733 – Mozilla Fixes Store Passwords in ‘Saved Logins’ can be copied without master password entry

Rewterz Threat Alert – FBR Phishing Campaign Continues to Target Users

Rewterz Threat Advisory – CVE 2019-0351 – SAP NetWeaver UDDI Server Remote Code Execution Vulnerability

Severity

Analysis Summary

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan