SAP AS ABAP和SAP NetWeaver ABAP Platform 数据伪造问题漏洞

SAP AS ABAP and SAP NetWeaver ABAP Platform are both products of the German company SAP. SAP AS ABAP is a development tool for SAP software. SAP NetWeaver ABAP Platform is an integrated technology platform. Both SAP AS ABAP and SAP NetWeaver ABAP Platform have vulnerabilities related to data...

SAP ABAP Platform 安全漏洞

SAP ABAP Platform is an ABAP-based SAP solution developed by the German company SAP. There is a security vulnerability in SAP ABAP Platform, which stems from the unauthorized activation of functional modules that fail to perform necessary authorization checks on verified users. This vulnerability...

EUVD-2021-27677

Malicious code in bioql PyPI...

SAP NetWeaver Application Server ABAP和SAP ABAP Platform 跨站脚本漏洞

SAP ABAP Platform and SAP NetWeaver Application Server ABAP are both products of SAP, Germany.SAP ABAP Platform is an ABAP-based SAP solution.SAP NetWeaver Application Server SAP NetWeaver Application Server ABAP is a platform for running and developing applications based on the ABAP language. A...

CVE-2024-27900

Due to missing authorization check, attacker with business user account in SAP ABAP Platform - version 758, 795, can change the privacy setting of job templates from shared to private. As a result, the selected template would only be accessible to the owner...

CVE-2021-40501

SAP ABAP Platform Kernel - versions 7.77, 7.81, 7.85, 7.86, does not perform necessary authorization checks for an authenticated business user, resulting in escalation of privileges. That means this business user is able to read and modify data beyond the vulnerable system. However, the attacker...

CVE-2025-24872

The ABAP Build Framework in SAP ABAP Platform allows an authenticated attacker to gain unauthorized access to a specific transaction. By executing the add-on build functionality within the ABAP Build Framework, an attacker could call the transaction and view its details. This has a limited impact...

CVE-2025-24872

CVE-2025-24872 concerns the SAP ABAP Platform, specifically the ABAP Build Framework. The authenticated attacker can gain unauthorized access to a specific transaction by invoking the add-on build functionality, allowing viewing of the transaction details. The documented impact is limited to conf...

CVE-2025-24872 Missing Authorization check in SAP ABAP Platform (ABAP Build Framework)

The ABAP Build Framework in SAP ABAP Platform allows an authenticated attacker to gain unauthorized access to a specific transaction. By executing the add-on build functionality within the ABAP Build Framework, an attacker could call the transaction and view its details. This has a limited impact...

SAP NetWeaver Application Server和SAP ABAP Platform 授权问题漏洞

SAP NetWeaver Application Server and SAP ABAP Platform are both products of SAP, Germany.SAP NetWeaver Application Server is an application server.SAP ABAP Platform is an ABAP-based SAP ABAP Platform is an ABAP-based SAP solution. An authorization issue vulnerability exists in SAP NetWeaver...

The vulnerability of the SAP NetWeaver AS ABAP and SAP ABAP Platform software integration platform, related to the manipulation of the zero pointer, allows attackers to trigger a service failure.

The vulnerability of the SAP NetWeaver AS ABAP and SAP ABAP Platform software integration platform is related to the handling of the zero pointer. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

SAP ABAP Platform Authorization Issues Vulnerability

SAP ABAP Platform is an ABAP-based SAP solution from SAP. SAP ABAP Platform has an authorization issue vulnerability that stems from a lack of authorization checks. An attacker with a business user account in SAP ABAP Platform could exploit the vulnerability to change the privacy settings of a jo...

CVE-2024-27900

Due to missing authorization check, attacker with business user account in SAP ABAP Platform - version 758, 795, can change the privacy setting of job templates from shared to private. As a result, the selected template would only be accessible to the owner...

CVE-2024-27900

Due to missing authorization check, attacker with business user account in SAP ABAP Platform - version 758, 795, can change the privacy setting of job templates from shared to private. As a result, the selected template would only be accessible to the owner...

Authorization

Due to missing authorization check, attacker with business user account in SAP ABAP Platform - version 758, 795, can change the privacy setting of job templates from shared to private. As a result, the selected template would only be accessible to the owner...

CVE-2024-27900 Missing Authorization check in SAP ABAP Platform

Due to missing authorization check, attacker with business user account in SAP ABAP Platform - version 758, 795, can change the privacy setting of job templates from shared to private. As a result, the selected template would only be accessible to the owner...

CVE-2024-27900 Missing Authorization check in SAP ABAP Platform

Due to missing authorization check, attacker with business user account in SAP ABAP Platform - version 758, 795, can change the privacy setting of job templates from shared to private. As a result, the selected template would only be accessible to the owner...

SAP ABAP Platform Path Traversal Vulnerability

SAP ABAP Platform is an ABAP-based SAP solution from SAP Germany. A path traversal vulnerability exists in SAP ABAP Platform, which stems from a failure of the network system or product to properly filter special elements in the path of a resource or file. An attacker could exploit this...

CVE-2023-25615 SQL Injection vulnerability in SAP ABAP Platform

Due to insufficient input sanitization, SAP ABAP - versions 751, 753, 753, 754, 756, 757, 791, allows an authenticated high privileged user to alter the current session of the user by injecting the malicious database queries over the network and gain access to the unintended data. This may lead t...

CVE-2021-40501

SAP ABAP Platform Kernel - versions 7.77, 7.81, 7.85, 7.86, does not perform necessary authorization checks for an authenticated business user, resulting in escalation of privileges. That means this business user is able to read and modify data beyond the vulnerable system. However, the attacker...