Authorization

The XML Data Archiving Service XML DAS in SAP NetWeaver AS Java does not check authorization, which allows remote authenticated users to obtain sensitive information, gain privileges, or possibly have unspecified other impact via requests to 1 webcontent/cas/casenter.jsp, 2...

CVE-2015-8840

The XML Data Archiving Service XML DAS in SAP NetWeaver AS Java does not check authorization, which allows remote authenticated users to obtain sensitive information, gain privileges, or possibly have unspecified other impact via requests to 1 webcontent/cas/casenter.jsp, 2...

CVE-2016-3976

Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to read arbitrary files via a ..\ dot dot backslash in the fileName parameter to CrashFileDownloadServlet, aka SAP Security Note 2234971...

CVE-2016-3975

Cross-site scripting XSS vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to inject arbitrary web script or HTML via the navigationTarget parameter to irj/servlet/prt/portal/prteventname/XXX/prtroot/com.sapportals.navigation.testComponent.NavigationURLTester, aka SAP...

CVE-2016-3974

XML external entity XXE vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to cause a denial of service, conduct SMB Relay attacks, or access arbitrary files via a crafted XML request to tcmonitoringwebserviceweb/ServerNodesWSService, aka SA...

CVE-2016-3973

The chat feature in the Real-Time Collaboration RTC services 7.3 and 7.4 in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to obtain sensitive user information by visiting webdynpro/resources/sap.com/tcrtccoll.appl.rtcwdchat/Chat, pressing "Add users", and doing a search, aka SAP...

Xxe

XML external entity XXE vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to cause a denial of service, conduct SMB Relay attacks, or access arbitrary files via a crafted XML request to tcmonitoringwebserviceweb/ServerNodesWSService, aka SA...

Security feature bypass

The chat feature in the Real-Time Collaboration RTC services 7.3 and 7.4 in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to obtain sensitive user information by visiting webdynpro/resources/sap.com/tcrtccoll.appl.rtcwdchat/Chat, pressing "Add users", and doing a search, aka SAP...

Cross site scripting

Cross-site scripting XSS vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to inject arbitrary web script or HTML via the navigationTarget parameter to irj/servlet/prt/portal/prteventname/XXX/prtroot/com.sapportals.navigation.testComponent.NavigationURLTester, aka SAP...

CVE-2016-3975

Cross-site scripting XSS vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to inject arbitrary web script or HTML via the navigationTarget parameter to irj/servlet/prt/portal/prteventname/XXX/prtroot/com.sapportals.navigation.testComponent.NavigationURLTester, aka SAP...

CVE-2016-3974

XML external entity XXE vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to cause a denial of service, conduct SMB Relay attacks, or access arbitrary files via a crafted XML request to tcmonitoringwebserviceweb/ServerNodesWSService, aka SA...

CVE-2016-3974

CVE-2016-3974 affects SAP NetWeaver AS JAVA 7.1–7.5. An XML External Entity (XXE) vulnerability in the Configuration Wizard/ctcprotocol servlet allows remote attackers to cause a denial of service, perform SMB relay actions, or read arbitrary files via a crafted XML to the ServerNodesWSService en...

CVE-2016-3976

Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to read arbitrary files via a ..\ dot dot backslash in the fileName parameter to CrashFileDownloadServlet, aka SAP Security Note 2234971. Recent assessments: Assessed Attacker Value: 0 Assessed...

Possible Information Leak Vulnerability

Applications that pass unverified user input to the render method in a controller may be vulnerable to an information leak vulnerability. Impacted code will look something like this: def index; render params:id; end Carefully crafted requests can cause the above code to render files from unexpect...

SAP Download Manager 2.1.142 Weak Encryption

Advisory Information Title: SAP Download Manager Password Weak Encryption Advisory ID: CORE-2016-0004 Advisory URL: http://www.coresecurity.com/advisories/sap-download-manager-password-weak-encryption Date published: 2016-03-08 Date of last update: 2016-03-07 Vendors contacted: SAP Release mode:...

SAP Download Manager Password Weak Encryption

1. Advisory Information Title: SAP Download Manager Password Weak Encryption Advisory ID: CORE-2016-0004 Advisory URL: Date published: 2016-03-09 Date of last update: 2016-03-07 Vendors contacted: SAP Release mode: Coordinated release 2. Vulnerability Information Class: Storing Passwords in a...

CVE-2016-2388

The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request, aka SAP Security Note 2256846...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Java Proxy Runtime ProxyServer servlet in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via the 1 ns or 2 interface parameter to ProxyServer/register, aka SAP Security Note 2220571...

Design/Logic Flaw

The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request, aka SAP Security Note 2256846...

Sql injection

SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079...