Netweaver Application Server Abap Security Vulnerabilities and Issues — Netweaver Application Server Abap CVE List

Lucene search

SapNetweaver Application Server Abap

3 matches found

CVE•added 2023/09/12 3:15 a.m.•86 views

CVE-2023-40309

SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong authorization checks for an authenticated user, resulting in escalation of privileges. Depending on the application and the level of privileges acquired, an attacker could abuse functionality ...

9.8CVSS9.7AI score0.00162EPSS

CVE•added 2023/09/12 2:15 a.m.•57 views

CVE-2023-40308

SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any information.

7.5CVSS7.7AI score0.00131EPSS

CVE•added 2023/09/12 3:15 a.m.•51 views

CVE-2023-40624

SAP NetWeaver AS ABAP (applications based on Unified Rendering) - versions SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, SAP_UI 758, SAP_BASIS 702, SAP_BASIS 731, allows an attacker to inject JavaScript code that can be executed in the web-application. An attacker could thereby control the behavi...

5.5CVSS5.4AI score0.0011EPSS