SAP Process Integration Privilege Permission and Access Control Issues Vulnerability

SAP Process Integration is middleware from SAP Germany that enables SAP to seamlessly integrate with non-SAP applications in the company or with systems outside the company. A vulnerability exists in the Integration Builder Framework for SAP Process Integration versions 7.10, 7.11, 7.20, 7.30,...

CVE-2021-27618

The Integration Builder Framework of SAP Process Integration versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not check the file type extension of the file uploaded from local source. An attacker could craft a malicious file and upload it to the application, which could lead to denial of...

CVE-2021-27618

The Integration Builder Framework of SAP Process Integration versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not check the file type extension of the file uploaded from local source. An attacker could craft a malicious file and upload it to the application, which could lead to denial of...

CVE-2021-27617

The Integration Builder Framework of SAP Process Integration versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently validate an XML document uploaded from local source. An attacker can craft a malicious XML which when uploaded and parsed by the application, could lead to...

Design/Logic Flaw

The Integration Builder Framework of SAP Process Integration versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently validate an XML document uploaded from local source. An attacker can craft a malicious XML which when uploaded and parsed by the application, could lead to...

CVE-2021-27618

Summary: CVE-2021-27618 affects SAP Process Integration’s Integration Builder Framework (versions 7.10–7.50). The root cause is failure to validate the file type extension of files uploaded from a local source, enabling an attacker to craft a malicious file that could cause a denial of service an...

SAP Process Integration 代码问题漏洞

SAP Process Integration is middleware from SAP Germany that enables SAP to seamlessly integrate with non-SAP applications in the company or with systems outside the company. A vulnerability exists in the Integration Builder Framework for SAP Process Integration versions 7.10, 7.11, 7.20, 7.30,...

CVE-2021-27599

SAP NetWeaver ABAP Server and ABAP Platform Process Integration - Integration Builder Framework, versions - 7.10, 7.30, 7.31, 7.40, 7.50, allows an attacker to access information under certain conditions, which would otherwise be restricted...

CVE-2019-0315

Under certain conditions the PI Integration Builder Web UI of SAP NetWeaver Process Integration versions: SAPXIESR: 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, SAPXITOOL: 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50 and SAPXIPCK 7.10 to 7.11, 7.20, 7.30 allows an attacker to access passwords used in FTP...

CVE-2019-0315

Under certain conditions the PI Integration Builder Web UI of SAP NetWeaver Process Integration versions: SAPXIESR: 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, SAPXITOOL: 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50 and SAPXIPCK 7.10 to 7.11, 7.20, 7.30 allows an attacker to access passwords used in FTP...

Reko - A General Purpose Binary Decompiler

Reko Swedish: "decent, obliging" is a C project containing a decompiler for machine code binaries. This project is freely available under the GNU General Public License. The project consists of front ends, core decompiler engine, and back ends to help it achieve its goals. A command-line, a Windo...