9 matches found
CVE-2021-33701
DMIS Mobile Plug-In or SAP S/4HANA, versions - DMIS 20111620, 20111640, 20111700, 20111710, 20111730, 710, 20111731, 710, 20111752, 2020, SAPSCORE 125, S4CORE 102, 102, 103, 104, 105, allows an attacker with access to highly privileged account to execute manipulated query in NDZT tool to gain...
SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG ABAP Code Injection
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Remote ABAP Code Injection in SAP IUUCRECONRCCOUNTTABLEBIG product: SAP Netweaver vulnerable version: SAP DMIS 20111731 SP 0013 fixed version: see solution section below...
SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG SQL Injection
SEC Consult Vulnerability Lab Security Advisory ============================================================================== title: Remote ADBC SQL Injection in SAP IUUCRECONRCCOUNTTABLEBIG product: SAP Netweaver vulnerable version: see vulnerable/tested versions section below fixed version: se...
SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG SQL Injection Exploit
SAP Netweaver suffers from a remote ADBC SQL injection vulnerability in IUUCRECONRCCOUNTTABLEBIG. Other software and various versions are also affected. ============================================================================== title: Remote ADBC SQL Injection in SAP IUUCRECONRCCOUNTTABLEBIG...
SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG ABAP Code Injection Exploit
SAP Netweaver version SAP DMIS 20111731 SP 0013 suffers from a remote ABAP code injection vulnerability in IUUCRECONRCCOUNTTABLEBIG. ======================================================================= title: Remote ABAP Code Injection in SAP IUUCRECONRCCOUNTTABLEBIG product: SAP Netweaver...
CVE-2021-33701
DMIS Mobile Plug-In or SAP S/4HANA, versions - DMIS 20111620, 20111640, 20111700, 20111710, 20111730, 710, 20111731, 710, 20111752, 2020, SAPSCORE 125, S4CORE 102, 102, 103, 104, 105, allows an attacker with access to highly privileged account to execute manipulated query in NDZT tool to gain...
CVE-2021-33701
DMIS Mobile Plug-In or SAP S/4HANA, versions - DMIS 20111620, 20111640, 20111700, 20111710, 20111730, 710, 20111731, 710, 20111752, 2020, SAPSCORE 125, S4CORE 102, 102, 103, 104, 105, allows an attacker with access to highly privileged account to execute manipulated query in NDZT tool to gain...
CVE-2021-33701
DMIS Mobile Plug-In or SAP S/4HANA, versions - DMIS 20111620, 20111640, 20111700, 20111710, 20111730, 710, 20111731, 710, 20111752, 2020, SAPSCORE 125, S4CORE 102, 102, 103, 104, 105, allows an attacker with access to highly privileged account to execute manipulated query in NDZT tool to gain...
CVE-2021-33701
CVE-2021-33701 affects SAP NetWeaver/DMIS components (e.g., SAP DMIS 2011_1_731 SP0013) via a remote SQL injection in the NDZT tool used by S/4HANA and the DMIS mobile plug-in. The root cause is an injection in the IUUC_RECON_RC_COUNT_TABLE_BIG/related query surface, enabling an attacker with hig...