Lucene search
K
SapCommoncryptolib

4 matches found

CVE
CVE
•added 2023/09/12 2:21 a.m.•109 views

CVE-2023-40309

CVE-2023-40309 affects SAP CommonCryptoLib and is caused by insufficient authentication checks, enabling possible privilege escalation for an authenticated user and potential reading/modification/deletion of restricted data. The vulnerability is rated CRITICAL (CVSSv3.1: 9.8, AV:N/AC:L/PR:N/UI:N/...

9.8CVSS9.7AI score0.00748EPSS
CVE
CVE
•added 2023/09/12 1:21 a.m.•82 views

CVE-2023-40308

The CVE-2023-40308 issue affects SAP CommonCryptoLib and is caused by memory corruption triggered by an unauthenticated crafted request sent to an open port. The resulting crash makes the target component unavailable, with no impact on confidentiality or integrity reported. Evidence across multip...

7.5CVSS7.7AI score0.00622EPSS
CVE
CVE
•added 2021/09/14 11:24 a.m.•75 views

CVE-2021-38177

The CVE-2021-38177 entry concerns SAP CommonCryptoLib version 8.5.38 or lower, vulnerable to a null pointer dereference when an unauthenticated attacker sends crafted HTTP data over the network. The underlying issue causes the SAP application to crash, with a high impact on availability. Document...

7.5CVSS7.5AI score0.03223EPSS
CVE
CVE
•added 2014/11/04 3:0 p.m.•50 views

CVE-2014-8587

CVE-2014-8587 affects SAPCRYPTOLIB before 5.555.38, SAPSECULIB, and CommonCryptoLib before 8.4.30, used in SAP NetWeaver AS for ABAP and SAP HANA. The issue allows remote attackers to spoof Digital Signature Algorithm (DSA) signatures via unspecified vectors. Remediation: upgrade SAPCRYPTOLIB to ...

7.5CVSS6.8AI score0.01285EPSS