Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Vulnerabilities fixed in SAP

🗓️ 13 Jun 2023 00:00:00Reported by NCSCType 
ncsc
 ncsc🔗 advisories.ncsc.nl👁 7 Views

SAP fixed issues in NetWeaver, CRM and SAPUI5 with Cross Site Scripting, Denial of Service, authentication bypass and SQL injection

Related
ReporterTitlePublishedViews
Family
BDU FSTEC		The vulnerability of the SAP NetWeaver Enterprise Portal software integration platform allows attackers to carry out cross-site scripting attacks.
26 Jul 202300:00
bdu_fstec
BDU FSTEC		The vulnerability of the SAP NetWeaver Design Time Repository, a software integration platform, allows a hacker to inject arbitrary HTML code.
26 Jul 202300:00
bdu_fstec
BDU FSTEC		The vulnerability of the Grantor Management component in the SAP CRM ABAP integration module for managing customer relationships, related to the lack of measures to cleanse input data, allows attackers to execute cross-site scripting attacks.
26 Jul 202300:00
bdu_fstec
BDU FSTEC		The vulnerability of the Variant Management component in the SAP UI5 software platform, related to the lack of measures for cleaning incoming data, allows attackers to execute cross-site scripting attacks (Stored XSS).
26 Jul 202300:00
bdu_fstec
BDU FSTEC		The vulnerabilities of SAP Plant Connectivity and Production Connector software components, which are used for managing production operations and processes in SAP Digital Manufacturing, allow attackers to execute arbitrary code.
26 Jul 202300:00
bdu_fstec
BDU FSTEC		The vulnerability of the Change and Transport System component of the SAP NetWeaver software integration platform allows a perpetrator to trigger a service failure.
26 Jul 202300:00
bdu_fstec
Circl		CVE-2023-2827
14 Jun 202315:31
circl
Circl		CVE-2023-33991
13 Jun 202307:14
circl
CNNVD		SAP Variant Management 跨站脚本漏洞
13 Jun 202300:00
cnnvd
CNNVD		SAP NetWeaver Enterprise Portal 跨站脚本漏洞
13 Jun 202300:00
cnnvd
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
13 Jun 2023 00:00Current
7High risk
Vulners AI Score7
CVSS 3.18.2
EPSS0.00596
SSVC
NetWeaver platformCustomer Relationship ManagementSap User InterfaceCross Site ScriptingDenial of ServiceAuthentication bypassSQL injection
7