
44 matches found

CNNVD
added 2025/01/13 12:0 a.m. · 1 views

SAP NetWeaver Application Server and SAP ABAP Platform Authorization Issue Vulnerability

SAP NetWeaver Application Server and SAP ABAP Platform are both products of SAP, Germany. SAP NetWeaver Application Server is an application server. SAP ABAP Platform is an ABAP-based SAP solution. An authorization issue vulnerability exists in SAP NetWeaver...

9.9 CVSS · 9.1 AI score · 0.00159 EPSS
Exploits 0 · References 1

OSV
added 2024/06/11 3:15 a.m. · 0 views

CVE-2024-33001

SAP NetWeaver and ABAP platform allows an attacker to impede performance for legitimate users by crashing or flooding the service. An impact of this Denial of Service vulnerability might be long response delays and service interruptions, thus degrading the service quality experienced by legitimat...

6.5 CVSS · 5.8 AI score · 0.00418 EPSS
Exploits 0 · References 2

CNVD
added 2024/03/14 12:0 a.m. · 18 views

SAP ABAP Platform Authorization Issues Vulnerability

SAP ABAP Platform is an ABAP-based SAP solution from SAP. SAP ABAP Platform has an authorization issue vulnerability that stems from a lack of authorization checks. An attacker with a business user account in SAP ABAP Platform could exploit the vulnerability to change the privacy settings of a jo...

5.3 CVSS · 6.9 AI score · 0.00159 EPSS
Exploits 0 · References 1

OSV
added 2024/03/12 1:15 a.m. · 1 views

CVE-2024-27900

Due to missing authorization check, attacker with business user account in SAP ABAP Platform - version 758, 795, can change the privacy setting of job templates from shared to private. As a result, the selected template would only be accessible to the owner...

5.3 CVSS · 5.8 AI score
Exploits 0 · References 2

NVD
added 2024/03/12 1:15 a.m. · 9 views

CVE-2024-27900

Due to missing authorization check, attacker with business user account in SAP ABAP Platform - version 758, 795, can change the privacy setting of job templates from shared to private. As a result, the selected template would only be accessible to the owner...

5.3 CVSS · 4.5 AI score · 0.00159 EPSS
Exploits 0 · References 2

Prion
added 2024/03/12 1:15 a.m. · 14 views

Authorization

Due to missing authorization check, attacker with business user account in SAP ABAP Platform - version 758, 795, can change the privacy setting of job templates from shared to private. As a result, the selected template would only be accessible to the owner...

4 CVSS · 4.6 AI score · 0.00159 EPSS
Exploits 0 · References 2

Vulnrichment
added 2024/03/12 12:44 a.m. · 9 views

CVE-2024-27900 Missing Authorization check in SAP ABAP Platform

Due to missing authorization check, attacker with business user account in SAP ABAP Platform - version 758, 795, can change the privacy setting of job templates from shared to private. As a result, the selected template would only be accessible to the owner...

4.3 CVSS · 6.8 AI score · 0.00159 EPSS
Exploits 0 · References 2

Cvelist
added 2024/03/12 12:44 a.m. · 16 views

CVE-2024-27900 Missing Authorization check in SAP ABAP Platform

Due to missing authorization check, attacker with business user account in SAP ABAP Platform - version 758, 795, can change the privacy setting of job templates from shared to private. As a result, the selected template would only be accessible to the owner...

4.3 CVSS · 4.9 AI score · 0.00159 EPSS
Exploits 0 · References 2

CNNVD
added 2023/08/08 12:0 a.m. · 0 views

SAP NetWeaver Application Server Security Vulnerability

SAP NetWeaver Application Server is an application server from SAP, Germany. A security vulnerability exists in SAP NetWeaver Application Server ABAP and ABAP Platform, which results in an escalation of privileges due to a failure to perform the required authorization checks for authenticated use...

6.5 CVSS · 6.8 AI score · 0.00109 EPSS
Exploits 0 · References 4

CNVD
added 2023/03/16 12:0 a.m. · 19 views

SAP ABAP Platform Path Traversal Vulnerability

SAP ABAP Platform is an ABAP-based SAP solution from SAP Germany. A path traversal vulnerability exists in SAP ABAP Platform, which stems from a failure of the network system or product to properly filter special elements in the path of a resource or file. An attacker could exploit this...

8.1 AI score · 0.0034 EPSS
Exploits 0

OSV
added 2023/03/14 5:15 a.m. · 2 views

CVE-2023-25615

Due to insufficient input sanitization, SAP ABAP - versions 751, 753, 753, 754, 756, 757, 791, allows an authenticated high privileged user to alter the current session of the user by injecting the malicious database queries over the network and gain access to the unintended data. This may lead t...

4.9 CVSS · 5.8 AI score
Exploits 0 · References 2

NVD
added 2023/03/14 5:15 a.m. · 15 views

CVE-2023-25615

Due to insufficient input sanitization, SAP ABAP - versions 751, 753, 753, 754, 756, 757, 791, allows an authenticated high privileged user to alter the current session of the user by injecting the malicious database queries over the network and gain access to the unintended data. This may lead t...

6.8 CVSS · 6.4 AI score · 0.00534 EPSS
Exploits 0 · References 2

Prion
added 2023/03/14 5:15 a.m. · 12 views

Input validation

Due to insufficient input sanitization, SAP ABAP - versions 751, 753, 753, 754, 756, 757, 791, allows an authenticated high privileged user to alter the current session of the user by injecting the malicious database queries over the network and gain access to the unintended data. This may lead t...

3.3 CVSS · 5 AI score · 0.00534 EPSS
Exploits 0 · References 2 · Affected Software 1

Cvelist
added 2023/03/14 4:40 a.m. · 16 views

CVE-2023-25615 SQL Injection vulnerability in SAP ABAP Platform

Due to insufficient input sanitization, SAP ABAP - versions 751, 753, 753, 754, 756, 757, 791, allows an authenticated high privileged user to alter the current session of the user by injecting the malicious database queries over the network and gain access to the unintended data. This may lead t...

6.8 CVSS · 6.6 AI score · 0.00534 EPSS
Exploits 0 · References 2

Vulnrichment
added 2023/03/14 4:40 a.m. · 4 views

CVE-2023-25615 SQL Injection vulnerability in SAP ABAP Platform

Due to insufficient input sanitization, SAP ABAP - versions 751, 753, 753, 754, 756, 757, 791, allows an authenticated high privileged user to alter the current session of the user by injecting the malicious database queries over the network and gain access to the unintended data. This may lead t...

6.8 CVSS · 6.4 AI score · 0.00534 EPSS
Exploits 0 · References 2

Positive Technologies
added 2023/03/14 12:0 a.m. · 1 views

PT-2023-20196 · Sap · Sap Aba

Name of the Vulnerable Software and Affected Versions: SAP ABAP versions 751, 753, 754, 756, 757, 791
Description: The issue is caused by insufficient input sanitization, allowing an authenticated high privileged user to alter the current session of the user by injecting malicious database querie...

6.8 CVSS · 4.9 AI score · 0.00534 EPSS
Exploits 0 · References 5

OSV
added 2021/11/10 4:15 p.m. · 0 views

CVE-2021-40501

SAP ABAP Platform Kernel - versions 7.77, 7.81, 7.85, 7.86, does not perform necessary authorization checks for an authenticated business user, resulting in escalation of privileges. That means this business user is able to read and modify data beyond the vulnerable system. However, the attacker...

8.1 CVSS · 7.1 AI score · 0.00182 EPSS
Exploits 0 · References 2

NVD
added 2021/11/10 4:15 p.m. · 21 views

CVE-2021-40501

SAP ABAP Platform Kernel - versions 7.77, 7.81, 7.85, 7.86, does not perform necessary authorization checks for an authenticated business user, resulting in escalation of privileges. That means this business user is able to read and modify data beyond the vulnerable system. However, the attacker...

8.1 CVSS · 0.00182 EPSS
Exploits 0 · References 2

Prion
added 2021/11/10 4:15 p.m. · 23 views

Authorization

SAP ABAP Platform Kernel - versions 7.77, 7.81, 7.85, 7.86, does not perform necessary authorization checks for an authenticated business user, resulting in escalation of privileges. That means this business user is able to read and modify data beyond the vulnerable system. However, the attacker...

5.5 CVSS · 8 AI score · 0.00182 EPSS
Exploits 0 · References 2 · Affected Software 1

OSV
added 2021/06/09 2:15 p.m. · 1 views

CVE-2021-27629

SAP NetWeaver ABAP Server and ABAP Platform Enqueue Server, versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73, allows an unauthenticated attacker without specific knowledge of the system to send a...

7.5 CVSS · 5.8 AI score
Exploits 0 · References 2