{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T11:41:34.800","vulnerabilities":[{"cve":{"id":"CVE-2019-0370","sourceIdentifier":"cna@sap.com","published":"2019-10-08T20:15:11.090","lastModified":"2024-11-21T04:16:45.313","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Due to missing input validation, SAP Financial Consolidation, before versions 10.0 and 10.1, enables an attacker to use crafted input to interfere with the structure of the surrounding query leading to XPath Injection."},{"lang":"es","value":"Debido a la falta de comprobación de entrada, SAP Financial Consolidation, versiones anteriores a 10.0 y 10.1, permite a un atacante usar entradas diseñadas para interferir con la estructura de la consulta surrounding conllevando a la inyección de XPath."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:N","baseScore":6.4,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-91"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sap:financial_consolidation:10.0:*:*:*:*:*:*:*","matchCriteriaId":"2A42FEC8-17DA-46D1-80B7-3C80E43EA3F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:financial_consolidation:10.1:*:*:*:*:*:*:*","matchCriteriaId":"614127F7-BF1B-4F5B-B677-A8847D7AD9F3"}]}]}],"references":[{"url":"https://launchpad.support.sap.com/#/notes/2806403","source":"cna@sap.com","tags":["Permissions Required"]},{"url":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528123050","source":"cna@sap.com","tags":["Vendor Advisory"]},{"url":"https://launchpad.support.sap.com/#/notes/2806403","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required"]},{"url":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528123050","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}