CVE-2023-35872 Missing Authentication check in SAP NetWeaver Process Integration (Message Display Tool)

The Message Display Tool MDT of SAP NetWeaver Process Integration - version SAPXIAF 7.50, does not perform authentication checks for certain functionalities that require user identity. An unauthenticated user might access technical data about the product status and its configuration. The...

CVE-2020-6305

PI Rest Adapter of SAP Process Integration update provided in SAPXIAF 7.31, 7.40, 7.50 does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

CVE-2020-6305

PI Rest Adapter of SAP Process Integration update provided in SAPXIAF 7.31, 7.40, 7.50 does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

Authentication flaw

Under certain conditions SAP NetWeaver Process Integration Runtime Workbench – MESSAGING and SAPXIAF before versions 7.31, 7.40, 7.50 allows an attacker to access information which would otherwise be restricted...

CVE-2019-0356

CVE-2019-0356 affects SAP NetWeaver Process Integration XI Runtime Workbench (MESSAGING) and SAP_XIAF before versions 7.31, 7.40, 7.50. The issue enables an attacker to access information that should be restricted. Some sources attribute the vulnerability to configuration issues. Connected docume...