Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Vulnerabilities fixed in SAP products

🗓️ 11 Jun 2024 12:37:09Reported by NCSCType 
ncsc
 ncsc🔗 advisories.ncsc.nl👁 6 Views

SAP fixed vulnerabilities in Business Objects, HANA, CRM and NetWeaver, patching DoS, authentication bypass, cross site scripting and sensitive data access.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
BDU FSTEC		The vulnerability of the “Manage Incoming Payment Files” component of the SAP S/4HANA software platform allows a perpetrator to compromise the integrity of the protected information.
5 Jul 202400:00
bdu_fstec
BDU FSTEC		The vulnerability of the Transformation and Data Transfer Process (DTP) in the SAP BW/4HANA data management and analytics system allows attackers to enhance their privileges.
8 Jul 202400:00
bdu_fstec
BDU FSTEC		The vulnerability of SAP Document Builder in creating and managing documents allows for unlimited uploading of sensitive files, enabling an attacker to gain access to read, modify, or delete data.
8 Jul 202400:00
bdu_fstec
BDU FSTEC		The vulnerability of the Meta Model Repository component of the SAP NetWeaver AS for Java software used for creating and deploying web applications allows a attacker to cause a service failure.
8 Jul 202400:00
bdu_fstec
BDU FSTEC		The vulnerability of the student lifecycle management system in higher education institutions, SAP Student Life Cycle Management (SLcM), is related to deficiencies in the authentication process, which allow unauthorized users to elevate their privileges.
8 Jul 202400:00
bdu_fstec
BDU FSTEC		The vulnerability of SAP NetWeaver AS ABAP and SAP NetWeaver ABAP integration platforms, related to uncontrolled resource consumption, allows attackers to trigger service failures.
8 Jul 202400:00
bdu_fstec
BDU FSTEC		The vulnerability of the SAP Financial Consolidation web application stems from insufficient protection of the web page structure, allowing attackers to carry out cross-site scripting attacks.
8 Jul 202400:00
bdu_fstec
CNNVD		SAP BW/4HANA Security Vulnerabilities
11 Jun 202400:00
cnnvd
CNNVD		SAP NetWeaver AS Resource Management Error Vulnerability
11 Jun 202400:00
cnnvd
CNNVD		SAP Student Life Cycle Management Security Vulnerability
11 Jun 202400:00
cnnvd
Rows per page
Vulners
Node
sapcrm_-_webclient_uiMatch103
OR
sapcrm_-_webclient_uiMatch104
OR
sapcrm_-_webclient_uiMatch105
OR
sapcrm_-_webclient_uiMatch106
OR
sapcrm_-_webclient_uiMatch107
OR
sapcrm_-_webclient_uiMatch701
OR
sapcrm_-_webclient_uiMatch730
OR
sapcrm_-_webclient_uiMatch731
OR
sapcrm_-_webclient_uiMatch746
OR
sapcrm_-_webclient_uiMatch747
OR
sapcrm_-_webclient_uiMatch748
OR
sapcrm_-_webclient_uiMatch800
OR
sapcrm_-_webclient_uiMatch801
OR
sapdocument_builderMatch101
OR
sapdocument_builderMatch103
OR
sapdocument_builderMatch104
OR
sapdocument_builderMatch105
OR
sapdocument_builderMatch106
OR
sapdocument_builderMatch107
OR
sapdocument_builderMatch108
OR
sapdocument_builderMatch731
OR
sapdocument_builderMatch746
OR
sapdocument_builderMatch747
OR
sapdocument_builderMatch748
OR
sapfinancial_consolidationMatch1010
OR
sapnetweaver_application_server_abapMatch700
OR
sapnetweaver_application_server_abapMatch710
OR
sapnetweaver_application_server_abapMatch740
OR
sapnetweaver_as_java_for_deploy_serviceMatch7.5
OR
sapstudent_life_cycle_managementMatch618
OR
sapstudent_life_cycle_managementMatch802
OR
sapstudent_life_cycle_managementMatch803
OR
sapstudent_life_cycle_managementMatch804
OR
sapstudent_life_cycle_managementMatch805
OR
sapstudent_life_cycle_managementMatch806
OR
sapstudent_life_cycle_managementMatch807
OR
sapstudent_life_cycle_managementMatch808

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
11 Jun 2024 12:37Current
6.4Medium risk
Vulners AI Score6.4
CVSS 3.17.5 - 8.1
EPSS0.00541
SSVC
business objectshana databasecustomer relationship managementnetweaverdenial of serviceauthentication bypasscross site scriptingdata manipulationsensitive data access
6