CVE-2019-0227 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2019-0227 Interim 1 17 2025-02-17T02:25:48Z current 2021-05-30T14:21:06Z 2025-02-17T02:25:48Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2019-0227 A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor to Axis 1.x is Axis2, the latest version is 1.7.9 and is not vulnerable to this issue. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SLES for SAP Applications 11 SP3 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise High Performance Computing 12 SP3 SUSE Linux Enterprise High Performance Computing 12 SP4 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Server 11 SP1 for Teradata SUSE Linux Enterprise Server 11 SP3 LTSS SUSE Linux Enterprise Server 11 SP3 for Teradata SUSE Linux Enterprise Server 11 SP4 LTSS SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Module for Basesystem 15 axis axis as a component of SLES for SAP Applications 11 SP3 axis as a component of SUSE Linux Enterprise High Performance Computing 12 SP3 axis as a component of SUSE Linux Enterprise High Performance Computing 12 SP4 axis as a component of SUSE Linux Enterprise Module for Basesystem 15 axis as a component of SUSE Linux Enterprise Server 11 SP1 for Teradata axis as a component of SUSE Linux Enterprise Server 11 SP3 LTSS axis as a component of SUSE Linux Enterprise Server 11 SP3 for Teradata axis as a component of SUSE Linux Enterprise Server 11 SP4 LTSS axis as a component of SUSE Linux Enterprise Server 12 SP1-LTSS axis as a component of SUSE Linux Enterprise Server 12 SP2-LTSS axis as a component of SUSE Linux Enterprise Server 12 SP3 axis as a component of SUSE Linux Enterprise Server 12 SP4 axis as a component of SUSE Linux Enterprise Server 12-LTSS axis as a component of SUSE Linux Enterprise Server for SAP Applications 12 axis as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 axis as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor to Axis 1.x is Axis2, the latest version is 1.7.9 and is not vulnerable to this issue. CVE-2019-0227 SLES for SAP Applications 11 SP3:axis SUSE Linux Enterprise High Performance Computing 12 SP3:axis SUSE Linux Enterprise High Performance Computing 12 SP4:axis SUSE Linux Enterprise Module for Basesystem 15:axis SUSE Linux Enterprise Server 11 SP1 for Teradata:axis SUSE Linux Enterprise Server 11 SP3 LTSS:axis SUSE Linux Enterprise Server 11 SP3 for Teradata:axis SUSE Linux Enterprise Server 11 SP4 LTSS:axis SUSE Linux Enterprise Server 12 SP1-LTSS:axis SUSE Linux Enterprise Server 12 SP2-LTSS:axis SUSE Linux Enterprise Server 12 SP3:axis SUSE Linux Enterprise Server 12 SP4:axis SUSE Linux Enterprise Server 12-LTSS:axis SUSE Linux Enterprise Server for SAP Applications 12 SP2:axis SUSE Linux Enterprise Server for SAP Applications 12 SP4:axis SUSE Linux Enterprise Server for SAP Applications 12:axis important 5.4 AV:A/AC:M/Au:N/C:P/I:P/A:P 7.5 CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H