Netweaver Application Server Java@7.20 Security Vulnerabilities and Issues — Netweaver Application Server Java@7.20 CVE List

Lucene search

SapNetweaver Application Server Java7.20

4 matches found

CVE•added 2019/07/10 8:15 p.m.•147 views

CVE-2019-0327

SAP NetWeaver for Java Application Server - Web Container, (engineapi, versions 7.1, 7.2, 7.3, 7.31, 7.4 and 7.5), (servercode, versions 7.2, 7.3, 7.31, 7.4, 7.5), allows an attacker to upload files (including script files) without proper file format validation.

7.2CVSS7AI score0.00756EPSS

CVE•added 2019/09/10 5:15 p.m.•71 views

CVE-2019-0355

SAP NetWeaver Application Server Java Web Container, ENGINEAPI (before versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) and SAP-JEECOR (before versions 6.40, 7.0, 7.01), allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the app...

7.2CVSS7AI score0.00471EPSS

CVE•added 2019/03/12 10:29 p.m.•44 views

CVE-2019-0275

SAML 1.1 SSO Demo Application in SAP NetWeaver Java Application Server (J2EE-APPS), versions 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40 and 7.50, does not sufficiently encode user-controlled inputs, which results in cross-site scripting (XSS) vulnerability.

5.4CVSS5.2AI score0.00252EPSS

CVE•added 2019/11/13 10:15 p.m.•41 views

CVE-2019-0391

Under certain conditions SAP NetWeaver AS Java (corrected in 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) allows an attacker to access information which would otherwise be restricted.

4.3CVSS4.4AI score0.00272EPSS