Netweaver Application Server Abap Security Vulnerabilities and Issues — Netweaver Application Server Abap CVE List

Lucene search

SapNetweaver Application Server Abap

7 matches found

CVE•added 2023/02/14 4:15 a.m.•56 views

CVE-2023-23860

SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated attacker to craft a link, which when clicked by an unsuspecting user can be used to redirect a user to a malicious site which could read or modify some sensitive i...

6.1CVSS6.1AI score0.00283EPSS

CVE•added 2023/02/14 4:15 a.m.•53 views

CVE-2023-24522

Due to insufficient input sanitization, SAP NetWeaver AS ABAP (Business Server Pages) - versions 700, 701, 702, 731, 740, allows an unauthenticated user to alter the current session of the user by injecting the malicious code over the network and gain access to the unintended data. This may lead to...

6.1CVSS6.4AI score0.00597EPSS

CVE•added 2023/02/14 4:15 a.m.•51 views

CVE-2023-23858

Due to insufficient input validation, SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated attacker to send a crafted URL to a user, and by clicking the URL, the tricked user accesses SAP and might be directed with t...

6.1CVSS6.2AI score0.0021EPSS

CVE•added 2023/02/14 4:15 a.m.•48 views

CVE-2023-23853

An unauthenticated attacker in AP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, can craft a link which when clicked by an unsuspecting user can be used to redirect a user to a malicious site which could read ...

6.1CVSS6.1AI score0.00214EPSS

CVE•added 2023/02/14 4:15 a.m.•47 views

CVE-2023-23854

SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.

5.4CVSS5.8AI score0.00066EPSS

CVE•added 2023/02/14 4:15 a.m.•47 views

CVE-2023-25614

SAP NetWeaver AS ABAP (BSP Framework) application - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allow an unauthenticated attacker to inject the code that can be executed by the application over the network. On successful exploitation it can gain access to the sensitive...

6.1CVSS6.4AI score0.00404EPSS

CVE•added 2023/02/14 4:15 a.m.•43 views

CVE-2023-23859

SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated attacker to craft a malicious link, which when clicked by an unsuspecting user, can be used to read or modify some sensitive information.

6.1CVSS6.2AI score0.00443EPSS