Lucene search
K

74 matches found

Positive Technologies
Positive Technologies
added 2022/11/08 12:0 a.m.5 views

PT-2022-25733 · Sap · Abap Platform +1

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server ABAP and ABAP Platform affected versions not specified Description: The issue is caused by insufficient input validation, allowing an attacker with high-level privileges to use a remote-enabled function to rea...

4.9CVSS4.7AI score0.00764EPSS
Exploits0References5
OSV
OSV
added 2022/05/11 3:15 p.m.2 views

CVE-2022-29611

SAP NetWeaver Application Server for ABAP and ABAP Platform do not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges...

8.8CVSS7.3AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/03/01 12:0 a.m.8 views

The vulnerabilities of the SAP NetWeaver software integration platform, the SAP Content Server content server, and the SAP Web Dispatcher web dispatcher are related to deficiencies in HTTP request processing. This allows attackers to inject arbitrary code.

The vulnerability of the execute function in SAP software, specifically SAP ContentServer, and the software of SAP NetWeaver – the Content Server and the SAP Web Dispatcher – are related to HTTP request processing vulnerabilities. Exploiting these vulnerabilities allows a malicious actor to injec...

10CVSS8.3AI score0.97945EPSS
Exploits8References5Affected Software3
ATTACKERKB
ATTACKERKB
added 2022/01/14 8:15 p.m.3 views

CVE-2021-42067

In SAP NetWeaver AS for ABAP and ABAP Platform - versions 701, 702, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 786, an attacker authenticated as a regular user can use the S/4 Hana dashboard to reveal systems and services which they would not normally be allowed to see. No information...

4.3CVSS5.8AI score0.00631EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/07/15 12:0 a.m.22 views

The vulnerability of the SAP NetWeaver integration platform, related to the lack of measures taken to protect the structure of web pages, allows attackers to intercept administrator or user sessions of web resources.

The vulnerability of the Pmitest server of the SAP NetWeaver software integration platform is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor, operating remotely, to intercept the session of administrators or...

5.9CVSS5.5AI score
Exploits0Affected Software1
CNNVD
CNNVD
added 2021/07/13 12:0 a.m.4 views

SAP NetWeaver AS ABAP 代码注入漏洞

SAP NetWeaver AS is a SAP network application server from SAP. It not only provides web services, but is also the basic platform for SAP software. A security vulnerability exists in SAP NetWeaver AS ABAP, which originates from a code injection in the product. The following products and versions a...

7.5CVSS7.1AI score0.02546EPSS
Exploits2References8
OSV
OSV
added 2021/06/09 2:15 p.m.4 views

CVE-2021-27607

SAP NetWeaver ABAP Server and ABAP Platform Dispatcher, versions - KRNL32NUC - 7.22,7.22EXT, KRNL32UC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73,7.77,7.81,7.82,7.83, allows an unauthenticated attacker without...

7.5CVSS7.3AI score0.01508EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/06/08 12:0 a.m.5 views

SAP Netweaver和SAP NetWeaver AS ABAP Business Server 代码问题漏洞

SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A memory corruption vulnerability exists in SAP NetWeaver AS for ABAP, which originates from an input validation...

7.5CVSS5.7AI score0.01508EPSS
Exploits0References7
CNNVD
CNNVD
added 2021/06/08 12:0 a.m.6 views

SAP NetWeaver AS ABAP Business Server 跨站脚本漏洞

SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A cross-site scripting vulnerability exists in SAP NetWeaver AS for ABAP, which can be exploited by an attacker ...

6.1CVSS5.3AI score0.00585EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/06/08 12:0 a.m.4 views

SAP Netweaver 命令注入漏洞

SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A command injection vulnerability exists in SAP NetWeaver AS ABAP, which can be exploited by an attacker to inse...

5.8CVSS5.8AI score0.00766EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/06/08 12:0 a.m.5 views

SAP NetWeaver AS ABAP Business Server 代码问题漏洞

SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A memory corruption vulnerability exists in SAP NetWeaver ABAP Server and ABAP Platform, which stems from an inp...

7.5CVSS5.7AI score0.01508EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2021/04/21 12:0 a.m.8 views

The vulnerability of the ABAP Server component of the SAP NetWeaver software integration platform allows a hacker to inject arbitrary code.

The vulnerability of the ABAP Server component of the SAP NetWeaver software integration platform is related to incorrect code generation management. Exploiting this vulnerability allows a malicious actor to inject arbitrary code remotely...

8.7CVSS7.6AI score0.01327EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2021/01/14 12:0 a.m.3 views

SAP Netweaver AS ABAP Resource Management Error Vulnerability

SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A security vulnerability exists in SAP NetWeaver AS ABAP, which can be exploited by an attacker to crash an...

7.5CVSS6.8AI score0.01441EPSS
Exploits0References1
CNVD
CNVD
added 2020/10/28 12:0 a.m.2 views

SAP Cross-Site Scripting Vulnerability (CNVD-2020-59734)

SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. SAP has a security vulnerability. No details of the vulnerability are provided at this time...

4.8CVSS6.9AI score0.00521EPSS
Exploits0References1
CNVD
CNVD
added 2020/08/18 12:0 a.m.2 views

SAP NetWeaver AS ABAP and ABAP Platform Information Disclosure Vulnerability (CNVD-2020-48592)

SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. An information disclosure vulnerability exists in SAP NetWeaver AS ABAP and ABAP Platform, which can be exploite...

4.3CVSS6.4AI score0.00897EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/07/15 12:0 a.m.7 views

The vulnerability of the SAP NetWeaver software integration platform, related to the lack of measures for cleaning input data, allows attackers to carry out cross-site scripting attacks.

The vulnerability of the SAP NetWeaver software integration platform is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

6.4CVSS6AI score0.01064EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2020/07/14 1:15 p.m.3 views

CVE-2020-6285

SAP NetWeaver - XML Toolkit for JAVA ENGINEAPI versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, under certain conditions allows an attacker to access information which would otherwise be restricted, leading to Information Disclosure...

6.5CVSS6.9AI score0.01107EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/02/17 12:0 a.m.4 views

The vulnerability of the SAP NetWeaver software integration platform, caused by deficiencies in the authentication process, allows attackers to increase their privileges.

The vulnerability of the SAP NetWeaver software integration platform is due to deficiencies in the authentication process. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...

9CVSS7.6AI score0.0139EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/05/07 12:0 a.m.4 views

The vulnerability of the ABAP Server component of the SAP NetWeaver software integration platform allows attackers to enhance their privileges.

The vulnerability of the ABAP Server component of the SAP NetWeaver software integration platform is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to gain increased privileges...

6.5CVSS7.6AI score0.01404EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2019/04/12 12:0 a.m.5 views

The vulnerability of the SAP NetWeaver software integration platform, related to insufficient validation of input data, allows attackers to increase their privileges.

The vulnerability of the SAP NetWeaver software integration platform is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

7.5CVSS7.5AI score0.01653EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder