135 matches found
CVE-2021-21473
SAP NetWeaver AS ABAP and ABAP Platform, versions - 700, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, contains function module SRMRFCSUBMITREPORT which fails to validate authorization of an authenticated user thus allowing an unauthorized user to execute reports in SAP NetWeaver AB...
CVE-2021-21473
SAP NetWeaver AS ABAP and ABAP Platform, versions - 700, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, contains function module SRMRFCSUBMITREPORT which fails to validate authorization of an authenticated user thus allowing an unauthorized user to execute reports in SAP NetWeaver AB...
CVE-2021-21473
CVE-2021-21473 affects SAP NetWeaver AS ABAP and ABAP Platform versions 700, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755. The issue is in function module SRM_RFC_SUBMIT_REPORT which fails to validate authorization of an authenticated user, allowing an unauthorized user to execute r...
CVE-2021-27603
An RFC enabled function module SPIWAITMILLIS in SAP NetWeaver AS ABAP, versions - 731, 740, 750, allows to keep a work process busy for any length of time. An attacker could call this function module multiple times to block all work processes thereby causing Denial of Service and affecting the...
CVE-2021-27603
An RFC enabled function module SPIWAITMILLIS in SAP NetWeaver AS ABAP, versions - 731, 740, 750, allows to keep a work process busy for any length of time. An attacker could call this function module multiple times to block all work processes thereby causing Denial of Service and affecting the...
CVE-2021-27603
An RFC enabled function module SPIWAITMILLIS in SAP NetWeaver AS ABAP, versions - 731, 740, 750, allows to keep a work process busy for any length of time. An attacker could call this function module multiple times to block all work processes thereby causing Denial of Service and affecting the...
PT-2021-17539 · Sap · Sap Netweaver As Abap
Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS ABAP versions 731, 740, 750 Description: The issue allows an attacker to cause a Denial of Service, affecting the Availability of the SAP system by blocking all work processes. This is achieved by calling the SPI WAIT MILLIS...
CVE-2021-21466
SAP Business Warehouse, versions 700, 701, 702, 711, 730, 731, 740, 750, 782 and SAP BW/4HANA, versions 100, 200, allow a low privileged attacker to inject code using a remote enabled function module over the network. Via the function module an attacker can create a malicious ABAP report which...
Code injection
SAP Business Warehouse, versions 700, 701, 702, 711, 730, 731, 740, 750, 782 and SAP BW/4HANA, versions 100, 200, allow a low privileged attacker to inject code using a remote enabled function module over the network. Via the function module an attacker can create a malicious ABAP report which...
PT-2021-14534 · Sap · Sap Business Warehouse +1
Name of the Vulnerable Software and Affected Versions: SAP Business Warehouse versions 700 through 750, 782 SAP BW/4HANA versions 100 through 200 Description: The issue allows a low-privileged attacker to inject code using a remote-enabled function module over the network. This can lead to the...
CVE-2020-26832
SAP AS ABAP SAP Landscape Transformation, versions - 20111620, 20111640, 20111700, 20111710, 20111730, 20111731, 20111752, 2020 and SAP S4 HANA SAP Landscape Transformation, versions - 101, 102, 103, 104, 105, allows a high privileged user to execute a RFC function module to which access should b...
CVE-2020-26832
SAP AS ABAP SAP Landscape Transformation, versions - 20111620, 20111640, 20111700, 20111710, 20111730, 20111731, 20111752, 2020 and SAP S4 HANA SAP Landscape Transformation, versions - 101, 102, 103, 104, 105, allows a high privileged user to execute a RFC function module to which access should b...
CVE-2020-26808
SAP AS ABAPDMIS, versions - 20111620, 20111640, 20111700, 20111710, 20111730, 20111731, 20111752, 2020 and SAP S4 HANADMIS, versions - 101, 102, 103, 104, 105, allows an authenticated attacker to inject arbitrary code into function module leading to code injection that can be executed in the...
CVE-2016-3635
SAP Netweaver 7.4 allows remote authenticated users to bypass an intended Unified Connectivity UCON access control list and execute arbitrary Remote Function Modules RFM by leveraging a connection created from earlier execution of an anonymous RFM included in a Communication Assembly, aka SAP...
Global 9 5% of the SAP Enterprise Management System there is a security vulnerability that could lead to serious data leakage-vulnerability warning-the black bar safety net
According to Onapsis research report, the world more than 2 5 million for corporate due to the SAP system in the presence of a series of security vulnerabilities affected, may lead to serious corporate data breaches. SAP is the world's most popular enterprise application software companies and...