Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 6:10 p.m.10 views

CVE-2021-40501

SAP ABAP Platform Kernel - versions 7.77, 7.81, 7.85, 7.86, does not perform necessary authorization checks for an authenticated business user, resulting in escalation of privileges. That means this business user is able to read and modify data beyond the vulnerable system. However, the attacker...

8.1CVSS7AI score0.00734EPSS
Exploits0
CNNVD
CNNVD
added 2024/03/12 12:0 a.m.6 views

SAP ABAP Platform 安全漏洞

SAP ABAP Platform is an ABAP-based SAP solution from SAP. SAP ABAP Platform has an authorization issue vulnerability that stems from a lack of authorization checks. An attacker with a business user account in SAP ABAP Platform could exploit the vulnerability to change the privacy settings of a jo...

5.3CVSS6.7AI score0.00393EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/03/11 12:0 a.m.6 views

PT-2024-22121 · Sap · Sap Abap Platform

Name of the Vulnerable Software and Affected Versions: SAP ABAP Platform versions 758, 795 Description: The issue is due to a missing authorization check, allowing an attacker with a business user account to change the privacy setting of job templates from shared to private, making the selected...

5.3CVSS6.8AI score0.00393EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/12/11 12:0 a.m.4 views

PT-2023-28366 · Sap · Sap Commerce Cloud

Name of the Vulnerable Software and Affected Versions: SAP Commerce Cloud versions HY COM 1905 through HY COM 2205, COM CLOUD 2211 Description: A locked B2B user can misuse the forgotten password functionality to un-block their user account again and re-gain access if SAP Commerce Cloud -...

8.1CVSS7.1AI score0.00521EPSS
Exploits0References8
OSV
OSV
added 2021/11/10 4:15 p.m.3 views

CVE-2021-40501

SAP ABAP Platform Kernel - versions 7.77, 7.81, 7.85, 7.86, does not perform necessary authorization checks for an authenticated business user, resulting in escalation of privileges. That means this business user is able to read and modify data beyond the vulnerable system. However, the attacker...

8.1CVSS7.1AI score0.00734EPSS
Exploits0References2
NVD
NVD
added 2020/08/12 2:15 p.m.17 views

CVE-2020-6299

SAP NetWeaver ABAP Server and ABAP Platform, versions - 740, 750, 751, 752, 753, 754, 755, allows a business user to access the list of users in the given system using value help, leading to Information Disclosure...

4.3CVSS4.5AI score0.00897EPSS
Exploits0References2
Prion
Prion
added 2020/08/12 2:15 p.m.24 views

Information disclosure

SAP NetWeaver ABAP Server and ABAP Platform, versions - 740, 750, 751, 752, 753, 754, 755, allows a business user to access the list of users in the given system using value help, leading to Information Disclosure...

4CVSS4.7AI score0.00897EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder