Lucene search

SAP Process Integration (Integration Builder Framework) Security Vulnerabilities

cve

CVE-2021-27617

The Integration Builder Framework of SAP Process Integration versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently validate an XML document uploaded from local source. An attacker can craft a malicious XML which when uploaded and parsed by the application, could lead to...

4.9CVSS

5AI Score

0.001EPSS

2021-05-11 03:15 PM

cve

CVE-2021-27618

The Integration Builder Framework of SAP Process Integration versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not check the file type extension of the file uploaded from local source. An attacker could craft a malicious file and upload it to the application, which could lead to denial of.....

4.9CVSS

5AI Score

0.001EPSS

2021-05-11 03:15 PM

cve

CVE-2021-27599

SAP NetWeaver ABAP Server and ABAP Platform (Process Integration - Integration Builder Framework), versions - 7.10, 7.30, 7.31, 7.40, 7.50, allows an attacker to access information under certain conditions, which would otherwise be...

6.5CVSS

6.3AI Score

0.001EPSS

2021-04-14 03:15 PM