SAP NetWeaver AS JAVA (Enterprise Portal), versions - 7.10, 7.20, 7.30, 7.31, 7.40, 7.50 reveals sensitive information in one of their HTTP requests, an attacker can use this in conjunction with other attacks such as XSS to steal this information.
4.9CVSS
4.7AI Score
0.002EPSS
SAP Business One allows an attacker with business privileges to execute crafted database queries, exposing the back-end database. Due to framework restrictions, only some information can be obtained.
4.3CVSS
4.7AI Score
0.001EPSS
When user with insufficient privileges tries to access any application in SAP NetWeaver Administrator (Administrator applications), version - 7.50, no security audit log is created. Therefore, security audit log Integrity is impacted.
4.3CVSS
4.8AI Score
0.001EPSS
Server-Side Request Forgery (SSRF) vulnerability has been detected in the SAP NetWeaver Development Infrastructure Component Build Service versions - 7.11, 7.20, 7.30, 7.31, 7.40, 7.50The SAP NetWeaver Development Infrastructure Component Build Service allows a threat actor who has access to the se...
9.9CVSS
9.3AI Score
0.396EPSS
NWDI Notification Service versions - 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.SAP NetWeaver Development Infrastructure Notification Service allows a threat actor to send crafted scripts to a victim. If the victim ha...
6.1CVSS
6AI Score
0.001EPSS
SAP Cloud Connector, version - 2.0, allows the upload of zip files as backup. This backup file can be tricked to inject special elements such as '..' and '/' separators, for attackers to escape outside of the restricted location to access files or directories.
7.5CVSS
7.5AI Score
0.003EPSS
SAP Cloud Connector, version - 2.0, allows an authenticated administrator to modify a configuration file to inject malicious codes that could potentially lead to OS command execution.
6.8CVSS
6.7AI Score
0.0004EPSS
SAP Cloud Connector, version - 2.0, does not sufficiently encode user-controlled inputs, allowing an attacker with Administrator rights, to include malicious codes that get stored in the database, and when accessed, could be executed in the application, resulting in Stored Cross-Site Scripting.
4.8CVSS
4.9AI Score
0.001EPSS
Potentially, SAP Cloud Connector, version - 2.0 communication with the backend is accepted without sufficient validation of the certificate.
9.1CVSS
9.2AI Score
0.001EPSS
SAP BusinessObjects Business Intelligence Platform (Crystal Report), versions - 420, 430, does not sufficiently encode user controlled inputs and therefore an authorized attacker can exploit a XSS vulnerability, leading to non-permanently deface or modify displayed content from a Web site.
5.4CVSS
5.2AI Score
0.001EPSS
Under certain conditions, SAP BusinessObjects Business Intelligence Platform (SAPUI5), versions - 420, 430, can allow an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities.
6.1CVSS
6.3AI Score
0.001EPSS
SAP Business One, version - 10.0, allows an attacker with business authorization to upload any files (including script files) without the proper file format validation.
8.8CVSS
8.6AI Score
0.001EPSS
Task Hijacking is a vulnerability that affects the applications running on Android devices due to a misconfiguration in their AndroidManifest.xml with their Task Control features. This allows an unauthorized attacker or malware to takeover legitimate apps and to steal user's sensitive information.
6.5CVSS
6.3AI Score
0.001EPSS
SAP Business One, version - 10.0, allows a local attacker with access to the victim's browser under certain circumstances, to login as the victim without knowing his/her password. The attacker could so obtain highly sensitive information which the attacker could use to take substantial control of t...
7.8CVSS
7.3AI Score
0.0004EPSS
DMIS Mobile Plug-In or SAP S/4HANA, versions - DMIS 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 710, 2011_1_731, 710, 2011_1_752, 2020, SAPSCORE 125, S4CORE 102, 102, 103, 104, 105, allows an attacker with access to highly privileged account to execute manipulated query in NDZT tool...
9.1CVSS
9.7AI Score
0.007EPSS
Under certain conditions, NetWeaver Enterprise Portal, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode report data. An attacker can craft malicious data and print it to the report. In a successful attack, a victim opens the report, and the malicious script gets exe...
6.1CVSS
5.8AI Score
0.002EPSS
Under certain conditions, NetWeaver Enterprise Portal, versions - 7.30, 7.31, 7.40, 7.50, does not sufficiently encode URL parameters. An attacker can craft a malicious link and send it to a victim. A successful attack results in Reflected Cross-Site Scripting (XSS) vulnerability.
6.1CVSS
5.9AI Score
0.002EPSS
The Service Layer of SAP Business One, version - 10.0, allows an authenticated attacker to invoke certain functions that would otherwise be restricted to specific users. For an attacker to discover the vulnerable function, no in-depth system knowledge is required. Once exploited via Network stack, ...
8.8CVSS
8.5AI Score
0.001EPSS
The SAP NetWeaver Portal, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, component Iviews Editor contains a Server-Side Request Forgery (SSRF) vulnerability which allows an unauthenticated attacker to craft a malicious URL which when clicked by a user can make any type of request (e.g. POST, ...
8.1CVSS
7.9AI Score
0.003EPSS
Due to improper input validation in InfraBox, logs can be modified by an authenticated user.
4.3CVSS
4.5AI Score
0.001EPSS
SAP NetWeaver Knowledge Management allows remote attackers to redirect users to arbitrary websites and conduct phishing attacks via a URL stored in a component. This could enable the attacker to compromise the user's confidentiality and integrity.
6.1CVSS
6.1AI Score
0.002EPSS
SAP NetWeaver Knowledge Management XML Forms versions - 7.10, 7.11, 7.30, 7.31, 7.40, 7.50, contains an XSLT vulnerability which allows a non-administrative authenticated attacker to craft a malicious XSL stylesheet file containing a script with OS-level commands, copy it into a location to be acce...
8.8CVSS
8.5AI Score
0.006EPSS
SAP Business One version - 10, due to improper input validation, allows an authenticated User to gain access to directory and view the contents of index in the directory, which would otherwise be restricted to high privileged User.
4.3CVSS
4.4AI Score
0.001EPSS
SAP NetWeaver Application Server Java (JMS Connector Service) - versions 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform necessary authorization checks for user privileges.
9.8CVSS
9.4AI Score
0.002EPSS
When an attacker manages to get access to the local memory, or the memory dump of a victim, for example by a social engineering attack, SAP Business Client versions - 7.0, 7.70, will allow him to read extremely sensitive data, such as credentials. This would allow the attacker to compromise the cor...
6.5CVSS
6.2AI Score
0.002EPSS
SAP Web Dispatcher versions - 7.49, 7.53, 7.77, 7.81, KRNL64NUC - 7.22, 7.22EXT, 7.49, KRNL64UC -7.22, 7.22EXT, 7.49, 7.53, KERNEL - 7.22, 7.49, 7.53, 7.77, 7.81, 7.83 processes allow an unauthenticated attacker to submit a malicious crafted request over a network to a front-end server which may, o...
9.4CVSS
9AI Score
0.043EPSS
SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an attacker authenticated as a non-administrative user can upload a malicious file over a network and trigger its processing, which is capable of running operating system commands with the privilege of th...
SAP ERP Financial Accounting (RFOPENPOSTING_FR) versions - SAP_APPL - 600, 602, 603, 604, 605, 606, 616, SAP_FIN - 617, 618, 700, 720, 730, SAPSCORE - 125, S4CORE, 100, 101, 102, 103, 104, 105, allows a registered attacker to invoke certain functions that would otherwise be restricted to specific u...
5.4CVSS
5.3AI Score
0.001EPSS
When a user opens manipulated files received from untrusted sources in SAP 3D Visual Enterprise Viewer version - 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
6.5CVSS
6.4AI Score
0.001EPSS
SAP Analysis for Microsoft Office - version 2.8, allows an attacker with high privileges to read sensitive data over the network, and gather or change information in the current system without user interaction. The attack would not lead to an impact on the availability of the system, but there woul...
6.5CVSS
6.2AI Score
0.001EPSS
Due to improper input sanitization, an authenticated user with certain specific privileges can remotely call NZDT function modules listed in Solution Section to execute manipulated query or inject ABAP code to gain access to Backend Database. On successful exploitation the threat actor could comple...
8.8CVSS
8.8AI Score
0.001EPSS
SAP CommonCryptoLib version 8.5.38 or lower is vulnerable to null pointer dereference vulnerability when an unauthenticated attacker sends crafted malicious data in the HTTP requests over the network, this causes the SAP application to crash and has high impact on the availability of the SAP system...
7.5CVSS
7.5AI Score
0.019EPSS
The software logistics system of SAP NetWeaver AS ABAP and ABAP Platform versions - 700, 701, 702, 710, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, enables a malicious user to transfer ABAP code artifacts or content, by-passing the established quality gates. By this vulnerability malicious co...
8.8CVSS
8.6AI Score
0.001EPSS
Debug function of Admin UI of SAP Business One Integration is enabled by default. This allows Admin User to see the captured packet contents which may include User credentials.
4.9CVSS
5AI Score
0.001EPSS
SAP Business One - version 10.0, allows an attacker to inject formulas when exporting data to Excel (CSV injection) due to improper sanitation during the data export. An attacker could thereby execute arbitrary commands on the victim's computer but only if the victim allows to execute macros while ...
9.8CVSS
9.9AI Score
0.003EPSS
SAP NetWeaver AS ABAP and ABAP Platform - versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.
7.5CVSS
7.7AI Score
0.001EPSS
SAP NetWeaver - versions 700, 701, 702, 730, does not sufficiently encode user-controlled inputs, allowing an attacker to cause a potential victim to supply a malicious content to a vulnerable web application, which is then reflected to the victim and executed by the web browser, resulting in Cross...
6.1CVSS
6AI Score
0.001EPSS
There are multiple Denial-of Service vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755. An unauthorized attacker can use the public SICF service /sap/public/bc/abap to reduce the performance of SAP NetWeaver Application Serve...
5.3CVSS
5.9AI Score
0.001EPSS
SAP Internet Communication framework (ICM) - versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 785, allows an attacker with logon functionality, to exploit the authentication function by using POST and form field to repeat executions of the initial command by a GET request a...
4.3CVSS
5.7AI Score
0.001EPSS
SAP BusinessObjects Analysis (edition for OLAP) - versions 420, 430, allows an attacker to exploit certain application endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation could lead to exposure of some system specific data like its ver...
5.3CVSS
5AI Score
0.001EPSS
A vulnerability has been identified in SAP SuccessFactors Mobile Application for Android - versions older than 2108, which allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service, which can lead to denial of service. The vulnerability is r...
5.5CVSS
5.3AI Score
0.0004EPSS
Client-side printing services SAP Cloud Print Manager and SAPSprint for SAP NetWeaver Application Server for ABAP - versions 7.70, 7.70 PI, 7.70 BYD, allow an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application.
9.8CVSS
9.4AI Score
0.006EPSS
SAP BusinessObjects Business Intelligence Platform (Crystal Reports) - versions 420, 430, allows an unauthenticated attacker to exploit missing XML validations at endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation can enable the attac...
7.5CVSS
7.4AI Score
0.002EPSS
SAP ABAP Platform Kernel - versions 7.77, 7.81, 7.85, 7.86, does not perform necessary authorization checks for an authenticated business user, resulting in escalation of privileges. That means this business user is able to read and modify data beyond the vulnerable system. However, the attacker ca...
8.1CVSS
8AI Score
0.001EPSS
SAP Commerce - versions 2105.3, 2011.13, 2005.18, 1905.34, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. Authenticated attackers will be able to access and edit data from b2b units they do not belong to.
8.8CVSS
8.7AI Score
0.001EPSS
An information disclosure vulnerability exists in SAP GUI for Windows - versions < 7.60 PL13, 7.70 PL4, which allows an attacker with sufficient privileges on the local client-side PC to obtain an equivalent of the user’s password. With this highly sensitive data leaked, the attacker would be ab...
7.8CVSS
6.9AI Score
0.0004EPSS
A certain template role in SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, contains transport authorizations, which exceed expected display only permissions.
4.9CVSS
5.2AI Score
0.001EPSS
@sap-cloud-sdk/core contains the core functionality of the SAP Cloud SDK as well as the SAP Business Technology Platform abstractions. This affects applications on SAP Business Technology Platform that use the SAP Cloud SDK and enabled caching of destinations. In affected versions and in some cases...
5.9CVSS
5.6AI Score
0.002EPSS
SAP BusinessObjects Business Intelligence Platform (Web Intelligence) - version 420, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. This allows a low privileged attacker to retrieve some data from the victim but will never be able to modi...
5.4CVSS
5.1AI Score
0.001EPSS
SAP ERP HCM Portugal does not perform necessary authorization checks for a report that reads the payroll data of employees in a certain area. Since the affected report only reads the payroll information, the attacker can neither modify any information nor cause availability impacts.
4.3CVSS
4.5AI Score
0.001EPSS