Lucene search
K
SapApplication Interface Framework

4 matches found

CVE
CVE
added 2023/04/11 3:0 a.m.75 views

CVE-2023-29110

The CVE-2023-29110 issue affects SAP Application Interface (Message Dashboard) across multiple releases: AIF 703, AIFX 702, S4CORE 100/101, SAP_BASIS 755/756, SAP_ABA 75C/75D/75E. The root cause is that the application allows unrestricted HTML markup, enabling an authorized attacker to use basic ...

5.4CVSS4.8AI score0.00324EPSS
CVE
CVE
added 2024/01/09 1:18 a.m.63 views

CVE-2024-21737

In SAP Application Interface Framework File Adapter - version 702, CVE-2024-21737 describes a code/injection path where a high-privilege user can traverse through layers via a function module and directly execute operating-system commands, allowing control over application behavior. The vulnerabi...

9.1CVSS9.3AI score0.00611EPSS
CVE
CVE
added 2023/04/11 3:1 a.m.49 views

CVE-2023-29111

CVE-2023-29111 affects SAP Application Interface Framework (AIF) ODATA service versions 755 and 756. The vulnerability arises from excessive information disclosure in the AIF component, allowing an authorized attacker to leverage disclosed details to potentially exploit the component, with a low ...

4.3CVSS4.3AI score0.00413EPSS
CVE
CVE
added 2023/04/11 2:58 a.m.48 views

CVE-2023-29109

CVE-2023-29109 affects SAP Application Interface Framework (Message Dashboard) across AIF 703, AIFX 702, S4CORE 101, SAP_BASIS 755/756, SAP_ABA 75C/75D/75E. The root cause is an Excel formula injection in fields such as the Tooltip of the Custom Hints List, which can execute when the victim opens...

4.6CVSS5AI score0.00324EPSS