Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
SapNetweaver Application Server Abap755

4 matches found

CVE
CVEadded 2024/08/13 4:15 a.m.50 views

CVE-2024-41732

SAP NetWeaver Application Server ABAP allowsan unauthenticated attacker to craft a URL link that could bypass allowlistcontrols. Depending on the web applications provided by this server, theattacker might inject CSS code or links into the web application that couldallow the attacker to read or mod...

5.4CVSS4.9AI score0.00162EPSS
CVE
CVEadded 2024/09/10 3:15 a.m.43 views

CVE-2024-44114

SAP NetWeaver Application Server for ABAP and ABAP Platform allow users with high privileges to execute a program that reveals data over the network. This results in a minimal impact on confidentiality of the application.

2.7CVSS3.9AI score0.00074EPSS
CVE
CVEadded 2024/09/10 4:15 a.m.42 views

CVE-2024-41728

Due to missing authorization check, SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker logged in as a developer to read objects contained in a package. This causes an impact on confidentiality, as this attacker would otherwise not have access to view these objects.

2.7CVSS3.6AI score0.00098EPSS
CVE
CVEadded 2024/01/09 2:15 a.m.35 views

CVE-2024-21738

SAP NetWeaver ABAP Application Server and ABAP Platform do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. An attacker with low privileges can cause limited impact to confidentiality of the application data after successful exploitation.

5.4CVSS5.2AI score0.00198EPSS