SAP

Netweaver Application Server Abap

81 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2021-40499

  • EPSS 0.84%
  • Published 12.10.2021 15:15:09
  • Last modified 21.11.2024 06:24:16

Client-side printing services SAP Cloud Print Manager and SAPSprint for SAP NetWeaver Application Server for ABAP - versions 7.70, 7.70 PI, 7.70 BYD, allow an attacker to inject code that can be executed by the application. An attacker could thereby ...

5.3

CVE-2021-40495

  • EPSS 0.38%
  • Published 12.10.2021 15:15:09
  • Last modified 21.11.2024 06:24:15

There are multiple Denial-of Service vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755. An unauthorized attacker can use the public SICF service /sap/public/bc/abap to reduce t...

4.3

CVE-2021-40496

  • EPSS 0.42%
  • Published 12.10.2021 15:15:09
  • Last modified 21.11.2024 06:24:15

SAP Internet Communication framework (ICM) - versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 785, allows an attacker with logon functionality, to exploit the authentication function by using POST and form field to repeat exe...

7.5

CVE-2021-38181

  • EPSS 0.47%
  • Published 12.10.2021 15:15:08
  • Last modified 21.11.2024 06:16:35

SAP NetWeaver AS ABAP and ABAP Platform - versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.

8.8

CVE-2021-38178

  • EPSS 0.45%
  • Published 12.10.2021 15:15:08
  • Last modified 21.11.2024 06:16:34

The software logistics system of SAP NetWeaver AS ABAP and ABAP Platform versions - 700, 701, 702, 710, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, enables a malicious user to transfer ABAP code artifacts or content, by-passing the established ...

5.3

CVE-2021-33684

  • EPSS 0.18%
  • Published 14.07.2021 12:15:09
  • Last modified 21.11.2024 06:09:21

SAP NetWeaver AS ABAP and ABAP Platform, versions - KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 8.04, 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 8.04, 7.2...

7.5

CVE-2021-33678

Exploit
  • EPSS 0.71%
  • Published 14.07.2021 12:15:08
  • Last modified 21.11.2024 06:09:20

A function module of SAP NetWeaver AS ABAP (Reconciliation Framework), versions - 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 75A, 75B, 75B, 75C, 75D, 75E, 75F, allows a high privileged attacker to inject code that can be executed by the a...

7.5

CVE-2021-33677

  • EPSS 0.2%
  • Published 14.07.2021 12:15:08
  • Last modified 21.11.2024 06:09:20

SAP NetWeaver ABAP Server and ABAP Platform, versions - 700, 702, 730, 731, 804, 740, 750, 784, expose functions to external which can lead to information disclosure.

9.8

CVE-2021-27610

  • EPSS 0.55%
  • Published 16.06.2021 15:15:08
  • Last modified 21.11.2024 05:58:17

SAP NetWeaver ABAP Server and ABAP Platform, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 804, does not create information about internal and external RFC user in consistent and distinguished format, which could lead to improper ...

5.4

CVE-2021-33664

  • EPSS 0.24%
  • Published 09.06.2021 14:15:10
  • Last modified 21.11.2024 06:09:18

SAP NetWeaver Application Server ABAP (Applications based on Web Dynpro ABAP), versions - SAP_UI - 750,752,753,754,755, SAP_BASIS - 702, 731 does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.