SAP

Netweaver Application Server Abap

81 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2024-24740

  • EPSS 0.19%
  • Veröffentlicht 13.02.2024 03:15:08
  • Zuletzt bearbeitet 21.11.2024 08:59:36

SAP NetWeaver Application Server (ABAP) - versions KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.93, KERNEL 7.94, KRNL64UC 7.53, under certain conditions, allows an attacker to access information which could otherwise be r...

5.4

CVE-2024-21738

  • EPSS 0.2%
  • Veröffentlicht 09.01.2024 02:15:46
  • Zuletzt bearbeitet 21.11.2024 08:54:54

SAP NetWeaver ABAP Application Server and ABAP Platform do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. An attacker with low privileges can cause limited impact to confidentiality of the appli...

9.4

CVE-2023-49581

  • EPSS 0.07%
  • Veröffentlicht 12.12.2023 02:15:07
  • Zuletzt bearbeitet 21.11.2024 08:33:35

SAP GUI for Windows and SAP GUI for Java allow an unauthenticated attacker to access information which would otherwise be restricted and confidential. In addition, this vulnerability allows the unauthenticated attacker to write data to a database tab...

5.3

CVE-2023-41366

  • EPSS 0.22%
  • Veröffentlicht 14.11.2023 01:15:07
  • Zuletzt bearbeitet 21.11.2024 08:21:10

Under certain condition SAP NetWeaver Application Server ABAP - versions KERNEL 722, KERNEL 7.53, KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.54, KERNEL 7.91, KERNEL 7.92, KERNEL 7.93, KERNEL 7.94, KERNEL64UC 7.22, KERNEL64UC 7.22EXT, KERNEL64UC ...

5.4

CVE-2023-40624

  • EPSS 0.11%
  • Veröffentlicht 12.09.2023 03:15:13
  • Zuletzt bearbeitet 21.11.2024 08:19:50

SAP NetWeaver AS ABAP (applications based on Unified Rendering) - versions SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, SAP_UI 758, SAP_BASIS 702, SAP_BASIS 731, allows an attacker to inject JavaScript code that can be executed in the web-applicat...

9.8

CVE-2023-40309

  • EPSS 0.16%
  • Veröffentlicht 12.09.2023 03:15:12
  • Zuletzt bearbeitet 21.11.2024 08:19:12

SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong authorization checks for an authenticated user, resulting in escalation of privileges. Depending on the application and the level of privileges...

7.5

CVE-2023-40308

  • EPSS 0.13%
  • Veröffentlicht 12.09.2023 02:15:12
  • Zuletzt bearbeitet 21.11.2024 08:19:12

SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no abilit...

6.5

CVE-2023-37492

  • EPSS 0.09%
  • Veröffentlicht 08.08.2023 01:15:18
  • Zuletzt bearbeitet 21.11.2024 08:11:49

SAP NetWeaver Application Server ABAP and ABAP Platform - versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP...

7.4

CVE-2023-35874

  • EPSS 0.1%
  • Veröffentlicht 11.07.2023 03:15:10
  • Zuletzt bearbeitet 21.11.2024 08:08:53

SAP NetWeaver Application Server ABAP and ABAP Platform - version KRNL64NUC, 7.22, KRNL64NUC 7.22EXT, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KERNEL 7.22, KERNEL, 7.53, KERNEL 7.77, KERNEL 7.81, KERNEL 7.85, KERNEL 7.89, KERNEL 7.54, KERNEL 7...

6.5

CVE-2023-28763

  • EPSS 0.23%
  • Veröffentlicht 11.04.2023 03:15:07
  • Zuletzt bearbeitet 21.11.2024 07:55:57

SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, allows an attacker authenticated as a non-administrative user to craft a request with certain parameters which can consume the server's resources...