Netweaver Security Vulnerabilities and Issues — Netweaver CVE List

Lucene search

SapNetweaver

5 matches found

CVE•added 2014/02/14 3:55 p.m.•45 views

CVE-2014-1964

Cross-site scripting (XSS) vulnerability in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to the ESR application and a DIR error.

4.3CVSS5.8AI score0.00329EPSS

CVE•added 2014/02/14 3:55 p.m.•42 views

CVE-2014-1960

The Solution Manager in SAP NetWeaver does not properly restrict access, which allows remote attackers to obtain sensitive information via unspecified vectors.

5CVSS6.3AI score0.00357EPSS

CVE•added 2014/02/14 3:55 p.m.•42 views

CVE-2014-1961

Unspecified vulnerability in the Portal WebDynPro in SAP NetWeaver allows remote attackers to obtain sensitive path information via unknown attack vectors.

5CVSS6.3AI score0.00354EPSS

CVE•added 2014/02/14 3:55 p.m.•42 views

CVE-2014-1965

Cross-site scripting (XSS) vulnerability in ISpeakAdapter in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component 3.0, 7.00 through 7.02, and 7.10 through 7.11 for SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to PIP.

4.3CVSS5.8AI score0.00329EPSS

CVE•added 2014/02/14 3:55 p.m.•36 views

CVE-2014-1963

Unspecified vulnerability in Message Server in SAP NetWeaver 7.20 allows remote attackers to cause a denial of service via unknown attack vectors.

5CVSS6.8AI score0.0073EPSS