SAP

Netweaver Application Server Abap

81 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2023-27499

  • EPSS 0.42%
  • Veröffentlicht 11.04.2023 03:15:07
  • Zuletzt bearbeitet 21.11.2024 07:53:01

SAP GUI for HTML - versions KERNEL 7.22, 7.53, 7.54, 7.77, 7.81, 7.85, 7.89, 7.91, KRNL64UC, 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT does not sufficiently encode user-controlled inputs, resulting in a reflected Cross-Site Scripting (XSS) vulnerability....

9.6

CVE-2023-27501

  • EPSS 0.22%
  • Veröffentlicht 14.03.2023 06:15:12
  • Zuletzt bearbeitet 21.11.2024 07:53:02

SAP NetWeaver AS for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, allows an attacker to exploit insufficient validation of path information provided by users, thus exploiting a directory trav...

8.1

CVE-2023-27500

Medienbericht
  • EPSS 0.42%
  • Veröffentlicht 14.03.2023 06:15:12
  • Zuletzt bearbeitet 21.11.2024 07:53:02

An attacker with non-administrative authorizations can exploit a directory traversal flaw in program SAPRSBRO to over-write system files. In this attack, no data can be read but potentially critical OS files can be over-written making the system unav...

6.5

CVE-2023-27270

  • EPSS 0.19%
  • Veröffentlicht 14.03.2023 05:15:30
  • Zuletzt bearbeitet 21.11.2024 07:52:34

SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, has multiple vulnerabilities in a class for test purposes in which an attacker authenticated as a non-adminis...

9.6

CVE-2023-27269

  • EPSS 0.42%
  • Veröffentlicht 14.03.2023 05:15:30
  • Zuletzt bearbeitet 21.11.2024 07:52:34

SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, allows an attacker with non-administrative authorizations to exploit a directory traversal flaw in an availab...

7.4

CVE-2023-26459

  • EPSS 0.1%
  • Veröffentlicht 14.03.2023 05:15:30
  • Zuletzt bearbeitet 21.11.2024 07:51:31

Due to improper input controls In SAP NetWeaver AS for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, an attacker authenticated as a non-administrative user can craft a request which will trigg...

6.5

CVE-2023-25618

  • EPSS 0.19%
  • Veröffentlicht 14.03.2023 05:15:29
  • Zuletzt bearbeitet 21.11.2024 07:49:50

SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, has multiple vulnerabilities in an unused class for error handling in which an attacker authenticated as a no...

6.1

CVE-2023-25614

  • EPSS 0.4%
  • Veröffentlicht 14.02.2023 04:15:13
  • Zuletzt bearbeitet 21.11.2024 07:49:49

SAP NetWeaver AS ABAP (BSP Framework) application - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allow an unauthenticated attacker to inject the code that can be executed by the application over the network. On successful...

6.1

CVE-2023-23859

  • EPSS 0.44%
  • Veröffentlicht 14.02.2023 04:15:12
  • Zuletzt bearbeitet 21.11.2024 07:46:59

SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated attacker to craft a malicious link, which when clicked by an unsuspecting user, can be used to read or modify some...

6.1

CVE-2023-23860

  • EPSS 0.28%
  • Veröffentlicht 14.02.2023 04:15:12
  • Zuletzt bearbeitet 21.11.2024 07:46:59

SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated attacker to craft a link, which when clicked by an unsuspecting user can be used to redirect a user to a malicious...