CVE-2018-2361
- EPSS 0.39%
- Veröffentlicht 09.01.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 04:03:40
In SAP Solution Manager 7.20, the role SAP_BPO_CONFIG gives the Business Process Operations (BPO) configuration user more authorization than required for configuring the BPO tools.
CVE-2016-10005
- EPSS 0.99%
- Veröffentlicht 19.12.2016 07:59:00
- Zuletzt bearbeitet 12.04.2025 10:46:40
Webdynpro in SAP Solman 7.1 through 7.31 allows remote attackers to obtain sensitive information via webdynpro/dispatcher/sap.com/caf~eu~gp~example~timeoff~wd requests, aka SAP Security Note 2344524.
CVE-2014-5175
- EPSS 0.72%
- Veröffentlicht 31.07.2014 14:55:04
- Zuletzt bearbeitet 12.04.2025 10:46:40
The License Measurement servlet in SAP Solution Manager 7.1 allows remote attackers to bypass authentication via unspecified vectors, related to a verb tampering attack and SAP_JTECHS.
CVE-2013-7363
- EPSS 0.68%
- Veröffentlicht 10.04.2014 20:55:06
- Zuletzt bearbeitet 12.04.2025 10:46:40
Unspecified vulnerability in the Diagnostics (SMD) agent in SAP Solution Manager allows remote attackers to obtain sensitive information, modify the configuration of applications, and install or remove applications via vectors involving the P4 protoc...