Netweaver@7.50 Security Vulnerabilities and Issues — Netweaver@7.50 CVE List

Lucene search

SapNetweaver7.50

3 matches found

CVE•added 2023/06/13 3:15 a.m.•51 views

CVE-2023-33985

SAP NetWeaver Enterprise Portal - version 7.50, does not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. On successful exploitation, an attacker can view or modify information c...

6.1CVSS6AI score0.00399EPSS

CVE•added 2023/09/12 2:15 a.m.•48 views

CVE-2023-41367

Due to missing authentication check in webdynpro application, an unauthorized user in SAP NetWeaver (Guided Procedures) - version 7.50, can gain access to admin view of specific function anonymously. On successful exploitation of vulnerability under specific circumstances, attacker can view user’s ...

5.3CVSS5.4AI score0.00188EPSS

CVE•added 2023/06/13 3:15 a.m.•35 views

CVE-2023-33984

SAP NetWeaver (Design Time Repository) - version 7.50, returns an unfavorable content type for some versioned files, which could allow an authorized attacker to create a file with a malicious content and send a link to a victim in an email or instant message. Under certain circumstances, this could...

6.4CVSS5.5AI score0.00433EPSS