Security Advisory

CVE-2019-0344

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-08-14 13:53:21

Last updated 2025-10-21 23:45:32

Assigner sap

State PUBLISHED

Description

Due to unsafe deserialization used in SAP Commerce Cloud (virtualjdbc extension), versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, it is possible to execute arbitrary code on a target machine with Hybris user rights, resulting in Code Injection.

← Browse all CVEs View on cve.org ↗