Netweaver Application Server Abap@751 Security Vulnerabilities and Issues — Netweaver Application Server Abap@751 CVE List

Lucene search

SapNetweaver Application Server Abap751

15 matches found

CVE•added 2023/03/14 5:15 a.m.•88 views

CVE-2023-27269

SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, allows an attacker with non-administrative authorizations to exploit a directory traversal flaw in an available service to overwrite the system files. In this...

9.6CVSS9.2AI score0.00417EPSS

CVE•added 2023/01/10 4:15 a.m.•87 views

CVE-2023-0014

SAP NetWeaver ABAP Server and ABAP Platform - versions SAP_BASIS 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, KERNEL 7.22, 7.53, 7.77, 7.81, 7.85, 7.89, KRNL64UC 7.22, 7.22EXT, 7.53, KRNL64NUC 7.22, 7.22EXT, creates information about system identity in an ambiguou...

9.8CVSS9.1AI score0.00236EPSS

CVE•added 2023/03/14 6:15 a.m.•57 views

CVE-2023-27501

SAP NetWeaver AS for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, allows an attacker to exploit insufficient validation of path information provided by users, thus exploiting a directory traversal flaw in an available service to delete syst...

9.6CVSS9AI score0.00201EPSS

CVE•added 2023/03/14 5:15 a.m.•56 views

CVE-2023-25618

SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, has multiple vulnerabilities in an unused class for error handling in which an attacker authenticated as a non-administrative user can craft a request with ce...

6.5CVSS6.6AI score0.00191EPSS

CVE•added 2023/02/14 4:15 a.m.•55 views

CVE-2023-23860

SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated attacker to craft a link, which when clicked by an unsuspecting user can be used to redirect a user to a malicious site which could read or modify some sensitive i...

6.1CVSS6.1AI score0.00283EPSS

CVE•added 2023/03/14 6:15 a.m.•55 views

CVE-2023-27500

An attacker with non-administrative authorizations can exploit a directory traversal flaw in program SAPRSBRO to over-write system files. In this attack, no data can be read but potentially critical OS files can be over-written making the system unavailable.

9.6CVSS7.9AI score0.00417EPSS

CVE•added 2023/03/14 5:15 a.m.•54 views

CVE-2023-26459

Due to improper input controls In SAP NetWeaver AS for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, an attacker authenticated as a non-administrative user can craft a request which will trigger the application server to send a request to an...

7.4CVSS7.5AI score0.00099EPSS

CVE•added 2023/01/10 3:15 a.m.•52 views

CVE-2023-0013

The ABAP Keyword Documentation of SAP NetWeaver Application Server - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, for ABAP and ABAP Platform does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. On successful exploitation an a...

6.1CVSS6AI score0.00383EPSS

CVE•added 2023/02/14 4:15 a.m.•50 views

CVE-2023-23858

Due to insufficient input validation, SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated attacker to send a crafted URL to a user, and by clicking the URL, the tricked user accesses SAP and might be directed with t...

6.1CVSS6.2AI score0.0021EPSS

CVE•added 2023/02/14 4:15 a.m.•47 views

CVE-2023-23853

An unauthenticated attacker in AP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, can craft a link which when clicked by an unsuspecting user can be used to redirect a user to a malicious site which could read ...

6.1CVSS6.1AI score0.00214EPSS

CVE•added 2023/02/14 4:15 a.m.•46 views

CVE-2023-23854

SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.

5.4CVSS5.8AI score0.0006EPSS

CVE•added 2023/02/14 4:15 a.m.•46 views

CVE-2023-25614

SAP NetWeaver AS ABAP (BSP Framework) application - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allow an unauthenticated attacker to inject the code that can be executed by the application over the network. On successful exploitation it can gain access to the sensitive...

6.1CVSS6.4AI score0.00404EPSS

CVE•added 2023/03/14 5:15 a.m.•46 views

CVE-2023-27270

SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, has multiple vulnerabilities in a class for test purposes in which an attacker authenticated as a non-administrative user can craft a request with certain par...

6.5CVSS6.6AI score0.00193EPSS

CVE•added 2023/02/14 4:15 a.m.•42 views

CVE-2023-23859

SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated attacker to craft a malicious link, which when clicked by an unsuspecting user, can be used to read or modify some sensitive information.

6.1CVSS6.2AI score0.00443EPSS

CVE•added 2023/04/11 3:15 a.m.•34 views

CVE-2023-28763

SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, allows an attacker authenticated as a non-administrative user to craft a request with certain parameters which can consume the server's resources sufficiently to make it unavailable over the net...

6.5CVSS6.4AI score0.00229EPSS