Lucene search
K
SapBasis

6 matches found

CVE
CVE
added 2023/04/11 3:0 a.m.77 views

CVE-2023-29110

The CVE-2023-29110 issue affects SAP Application Interface (Message Dashboard) across multiple releases: AIF 703, AIFX 702, S4CORE 100/101, SAP_BASIS 755/756, SAP_ABA 75C/75D/75E. The root cause is that the application allows unrestricted HTML markup, enabling an authorized attacker to use basic ...

5.4CVSS4.8AI score0.00324EPSS
CVE
CVE
added 2019/01/08 8:0 p.m.64 views

CVE-2019-0248

Summary: CVE-2019-0248 affects the SAP Gateway of the ABAP Application Server, causing information disclosure under certain conditions. The issue is addressed in SAP_GWFND versions 7.5, 7.51, 7.52, 7.53 and SAP_BASIS 7.5. Affected component: SAP Gateway in the ABAP Application Server. Root cause/...

5.9CVSS5.5AI score0.01564EPSS
CVE
CVE
added 2022/12/13 2:27 a.m.57 views

CVE-2022-41264

The CVE-2022-41264 issue affects SAP BASIS components (versions 731, 740, 750–757, 789–791) where the unrestricted scope of the RFC function module allows an authenticated non-administrator to access a system class and execute any of its public methods with attacker-supplied parameters. This can ...

8.8CVSS8.6AI score0.00855EPSS
CVE
CVE
added 2018/11/13 8:0 p.m.55 views

CVE-2018-2478

CVE-2018-2478 affects SAP Basis and related TREX/BWA installations. The vulnerability allows an attacker to use specially crafted inputs to execute commands on the host, with the commands limited to what the adm user can run; the actual commands depend on the privileges of that user. Affected ver...

7.2CVSS7.2AI score0.01831EPSS
CVE
CVE
added 2020/01/14 5:52 p.m.53 views

CVE-2020-6307

The CVE-2020-6307 issue affects SAP Basis Automated Note Search Tool across SAP Basis versions 7.00 to 7.54, where insufficient authorization checks allow reading of sensitive information. Multiple connected sources (Red Hat advisory, NVD entry, vendor notes, and Symantec writeup) corroborate an ...

4.3CVSS4.6AI score0.00723EPSS
CVE
CVE
added 2023/04/11 2:58 a.m.48 views

CVE-2023-29109

CVE-2023-29109 affects SAP Application Interface Framework (Message Dashboard) across AIF 703, AIFX 702, S4CORE 101, SAP_BASIS 755/756, SAP_ABA 75C/75D/75E. The root cause is an Excel formula injection in fields such as the Tooltip of the Custom Hints List, which can execute when the victim opens...

4.6CVSS5AI score0.00324EPSS