Lucene search
+L

341 matches found

Positive Technologies
Positive Technologies
added 2025/01/14 12:0 a.m.10 views

PT-2025-1184 · Sap · Sap Netweaver Application Server For Abap/Abap Platform

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server for ABAP and ABAP Platform affected versions not specified Description: The issue is related to information disclosure in error messages. An attacker, acting remotely, could gain unauthorized access to protect...

5.3CVSS7AI score0.00331EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/01/13 12:0 a.m.5 views

SAP NetWeaver Application Server和SAP ABAP Platform 授权问题漏洞

SAP NetWeaver Application Server and SAP ABAP Platform are both products of SAP, Germany.SAP NetWeaver Application Server is an application server.SAP ABAP Platform is an ABAP-based SAP ABAP Platform is an ABAP-based SAP solution. An authorization issue vulnerability exists in SAP NetWeaver...

9.9CVSS9.1AI score0.00687EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/12/02 12:0 a.m.7 views

The vulnerability of the SAP NetWeaver AS ABAP and SAP ABAP Platform software integration platform, related to the manipulation of the zero pointer, allows attackers to trigger a service failure.

The vulnerability of the SAP NetWeaver AS ABAP and SAP ABAP Platform software integration platform is related to the handling of the zero pointer. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

5.3CVSS5.4AI score0.03563EPSS
Exploits0References4Affected Software2
CVE
CVE
added 2024/11/12 12:25 a.m.52 views

CVE-2024-47586

CVE-2024-47586 concerns SAP NetWeaver Application Server for ABAP and ABAP Platform. Affected component is the kernel path that dereferences a null pointer when handling a malicious HTTP request, allowing an unauthenticated, network-based attacker to crash and reboot the system, causing temporary...

5.3CVSS5.3AI score0.03563EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/12 12:25 a.m.12 views

CVE-2024-47586 NULL Pointer Dereference vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform

SAP NetWeaver Application Server for ABAP and ABAP Platform allows an unauthenticated attacker to send a maliciously crafted http request which could cause a null pointer dereference in the kernel. This dereference will result in the system crashing and rebooting, causing the system to be...

5.3CVSS7.2AI score0.03563EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/12 12:25 a.m.22 views

CVE-2024-47586 NULL Pointer Dereference vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform

SAP NetWeaver Application Server for ABAP and ABAP Platform allows an unauthenticated attacker to send a maliciously crafted http request which could cause a null pointer dereference in the kernel. This dereference will result in the system crashing and rebooting, causing the system to be...

5.3CVSS0.03563EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/12 12:0 a.m.4 views

SAP NetWeaver Application Server和SAP ABAP Platform 代码问题漏洞

SAP NetWeaver Application Server and SAP ABAP Platform are both products of SAP, Germany.SAP NetWeaver Application Server is an application server.SAP ABAP Platform is an ABAP based SAP ABAP Platform is an ABAP-based SAP solution. A code issue vulnerability exists in SAP NetWeaver Application...

5.3CVSS6.7AI score0.03563EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/12 12:0 a.m.3 views

SAP NetWeaver Application Server和SAP ABAP Platform 安全漏洞

SAP NetWeaver Application Server and SAP ABAP Platform are both products of SAP, Germany.SAP NetWeaver Application Server is an application server.SAP ABAP Platform is an ABAP based SAP ABAP Platform is an ABAP-based SAP solution. A security vulnerability exists in SAP NetWeaver Application Serve...

4.3CVSS6.6AI score0.00388EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.16 views

The vulnerabilities of SAP NetWeaver AS ABAP, SAP NetWeaver AS for Java, SAP Content Server, and SAP Web Dispatcher integration platforms are related to authentication procedures that lack sufficient safeguards. This allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

Vulnerabilities of SAP NetWeaver AS ABAP, SAP NetWeaver AS for Java, SAP Content Server, and SAP Web Dispatcher programming integration platforms are related to deficiencies in authentication procedures. Exploiting these vulnerabilities can allow attackers to compromise the confidentiality,...

6.4CVSS5.5AI score0.00208EPSS
Exploits0References4Affected Software4
Vulnrichment
Vulnrichment
added 2024/09/10 4:25 a.m.11 views

CVE-2024-44117 Multiple vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform

The RFC enabled function module allows a low privileged user to perform various actions, such as modifying the URLs of any user's favourite nodes and workbook ID. There is low impact on integrity and availability of the application...

5.4CVSS7.1AI score0.00284EPSS
Exploits0References2
NVD
NVD
added 2024/09/10 4:15 a.m.26 views

CVE-2024-41728

Due to missing authorization check, SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker logged in as a developer to read objects contained in a package. This causes an impact on confidentiality, as this attacker would otherwise not have access to view these objects...

2.7CVSS0.00288EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/09/10 4:0 a.m.18 views

CVE-2024-41728 Missing Authorization check in SAP NetWeaver Application Server for ABAP and ABAP Platform

Due to missing authorization check, SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker logged in as a developer to read objects contained in a package. This causes an impact on confidentiality, as this attacker would otherwise not have access to view these objects...

2.7CVSS7AI score0.00288EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/09/10 4:0 a.m.32 views

CVE-2024-41728 Missing Authorization check in SAP NetWeaver Application Server for ABAP and ABAP Platform

Due to missing authorization check, SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker logged in as a developer to read objects contained in a package. This causes an impact on confidentiality, as this attacker would otherwise not have access to view these objects...

2.7CVSS0.00288EPSS
Exploits0References2
NVD
NVD
added 2024/09/10 3:15 a.m.20 views

CVE-2024-44114

SAP NetWeaver Application Server for ABAP and ABAP Platform allow users with high privileges to execute a program that reveals data over the network. This results in a minimal impact on confidentiality of the application...

2.7CVSS0.00242EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/09/10 3:11 a.m.18 views

CVE-2024-44116 Multiple vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform

The RFC enabled function module allows a low privileged user to add any workbook to any user's workplace favourites. This vulnerability could be utilized to identify usernames and access information about targeted user's workplaces. There is low impact on integrity of the application...

4.3CVSS0.0025EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/09/10 3:8 a.m.4 views

CVE-2024-44115 Multiple vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform

The RFC enabled function module allows a low privileged user to add URLs to any user's workplace favourites. This vulnerability could be utilized to identify usernames and access information about targeted user's workplaces, and nodes. There is low impact on integrity of the application...

4.3CVSS6.5AI score0.0025EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/09/10 3:6 a.m.16 views

CVE-2024-44114 Missing Authorization check in SAP NetWeaver Application Server for ABAP and ABAP Platform

SAP NetWeaver Application Server for ABAP and ABAP Platform allow users with high privileges to execute a program that reveals data over the network. This results in a minimal impact on confidentiality of the application...

2CVSS7.4AI score0.00242EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/09/10 3:6 a.m.28 views

CVE-2024-44114 Missing Authorization check in SAP NetWeaver Application Server for ABAP and ABAP Platform

SAP NetWeaver Application Server for ABAP and ABAP Platform allow users with high privileges to execute a program that reveals data over the network. This results in a minimal impact on confidentiality of the application...

2CVSS0.00242EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/09/10 2:47 a.m.8 views

CVE-2024-42380 Multiple vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform

The RFC enabled function module allows a low privileged user to read any user's workplace favourites and user menu along with all the specific data of each node. Usernames can be enumerated by exploiting vulnerability. There is low impact on confidentiality of the application...

4.3CVSS6.9AI score0.00266EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/09/10 2:37 a.m.8 views

CVE-2024-42371 Multiple vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform

The RFC enabled function module allows a low privileged user to delete the workplace favourites of any user. This vulnerability could be utilized to identify usernames and access information about targeted user's workplaces and nodes. There is low impact on integrity and availability of the...

5.4CVSS6.7AI score0.00284EPSS
Exploits0References2
Rows per page
Query Builder