SAP Solution Manager (Trace Analysis), version 7.20, allows an attacker to perform a log injection into the trace file, due to Incomplete XML Validation. The readability of the trace file is impaired.
5.3CVSS
5.5AI Score
0.001EPSS
Service Data Download in SAP Application Server ABAP (ST-PI, before versions 2008_1_46C, 2008_1_620, 2008_1_640, 2008_1_700, 2008_1_710, 740) allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application and the whole AB...
8.8CVSS
8.6AI Score
0.001EPSS
Standalone clients connecting to SAP NetWeaver AS Java via P4 Protocol, versions (SAP-JEECOR 7.00, 7.01; SERVERCOR 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; CORE-TOOLS 7.00, 7.01, 7.02, 7.05, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50) do not perform any authentication checks for operations that requ...
9.8CVSS
9.5AI Score
0.002EPSS
SAP Commerce, versions - 6.7, 1808, 1811, 1905, may allow an attacker to access information under certain conditions which would otherwise be restricted, leading to Information Disclosure.
7.5CVSS
7.3AI Score
0.002EPSS
SAP Commerce, versions - 6.7, 1808, 1811, 1905, and SAP Commerce (Data Hub), versions - 6.7, 1808, 1811, 1905, allows an attacker to bypass the authentication and/or authorization that has been configured by the system administrator due to the use of Hardcoded Credentials.
9.8CVSS
9.5AI Score
0.002EPSS
SAP Fiori for SAP S/4HANA, versions - 100, 200, 300, 400, allows an attacker to redirect users to a malicious site due to insufficient URL validation, leading to URL Redirection.
5.4CVSS
5.4AI Score
0.001EPSS
Some sensitive cookies in SAP Disclosure Management, version 10.1, are missing HttpOnly flag, leading to sensitive cookie without Http Only flag.
5.4CVSS
5.4AI Score
0.001EPSS
Statutory Reporting for Insurance Companies in SAP ERP (EA-FINSERV versions - 600, 603, 604, 605, 606, 616, 617, 618, 800 and S4CORE versions 101, 102, 103, 104) does not execute the required authorization checks for an authenticated user, allowing an attacker to view and tamper with certain restri...
8.1CVSS
7.9AI Score
0.001EPSS
Under certain conditions SAP Business Objects Business Intelligence Platform, version 4.2, allows an attacker to access information which would otherwise be restricted, leading to Information Disclosure.
6.5CVSS
6.3AI Score
0.001EPSS
SAP NetWeaver AS ABAP (Banking Services), versions - 710, 711, 740, 750, 751, 752, 75A, 75B, 75C, 75D, 75E, does not perform necessary authorization checks for an authenticated user due to Missing Authorization Check, allowing wrong and unexpected change of individual conditions by a malicious user...
6.5CVSS
6.4AI Score
0.001EPSS
SAP Solution Manager (Problem Context Manager), version 7.2, does not perform the necessary authentication, allowing an attacker to consume large amounts of memory, causing the system to crash and read restricted data (files visible for technical administration users of the diagnostics agent).
8.2CVSS
8AI Score
0.001EPSS
SAP Commerce Cloud versions - 1808, 1811, 1905, 2005, does not sufficiently encode user inputs, which allows an authenticated and authorized content manager to inject malicious script into several web CMS components. These can be saved and later triggered, if an affected web page is visited, result...
5.4CVSS
5.2AI Score
0.001EPSS
SAP S/4 HANA (Fiori UI for General Ledger Accounting), versions 103, 104, does not perform necessary authorization checks for an authenticated user working with attachment service, allowing the attacker to delete attachments due to Missing Authorization Check.
4.3CVSS
4.6AI Score
0.001EPSS
SAP Netweaver AS ABAP, versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, are vulnerable for Server Side Request Forgery Attack where in an attacker can use inappropriate path names containing malicious server names in the import/export of sessions functionality and coerce th...
9.8CVSS
9.3AI Score
0.002EPSS
SAP Business Objects Business Intelligence Platform (bipodata), version 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability.
6.1CVSS
6.1AI Score
0.001EPSS
SAP Business Objects Business Intelligence Platform (BI Launchpad and CMC), versions 4.1, 4.2, allows to an attacker to embed malicious scripts in the application while uploading images, which gets executed when the victim opens these files, leading to Stored Cross Site Scripting
5.4CVSS
5.3AI Score
0.001EPSS
SAP NetWeaver (ABAP Server) and ABAP Platform, versions 731, 740, 750, allows an attacker with admin privileges to access certain files which should otherwise be restricted, leading to Information Disclosure.
2.7CVSS
4.1AI Score
0.001EPSS
SAP Business Objects Business Intelligence Platform (BI Launchpad), version 4.2, does not sufficiently encode user-controlled inputs, resulting reflected in Cross-Site Scripting.
6.1CVSS
6.3AI Score
0.001EPSS
SAP NetWeaver AS JAVA (IIOP service) (SERVERCORE), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, and SAP NetWeaver AS JAVA (IIOP service) (CORE-TOOLS), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to send a crafted request from a vulnerable web application. It is usual...
5.8CVSS
5.6AI Score
0.001EPSS
SAP Fiori Launchpad does not sufficiently encode user controlled inputs, and hence allowing the attacker to inject the meta tag into the launchpad html using the vulnerable parameter, resulting in reflected Cross-Site Scripting (XSS) vulnerability. With a successful attack, the attacker can steal a...
6.1CVSS
6AI Score
0.001EPSS
SAP NetWeaver (Knowledge Management), versions - 7.30, 7.31, 7.40, 7.50, allows the automatic execution of script content in a stored file due to inadequate filtering with the accessing user's privileges. If the accessing user has administrative privileges, then the execution of the script content ...
9CVSS
8.9AI Score
0.001EPSS
SAP NetWeaver - XML Toolkit for JAVA (ENGINEAPI) (versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50), under certain conditions allows an attacker to access information which would otherwise be restricted, leading to Information Disclosure.
6.5CVSS
6.3AI Score
0.001EPSS
The insufficient input path validation of certain parameter in the web service of SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to exploit a method to download zip files to a specific directory, leading to Path Traversal.
5.3CVSS
7AI Score
0.003EPSS
SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create ...
SAP Business Objects Business Intelligence Platform (Web Intelligence HTML interface) allows an attacker with edit document rights to upload any file (including script files) without proper file format validation leading to Unrestricted upload of file with dangerous type vulnerability. The attacker...
5.3CVSS
5.2AI Score
0.001EPSS
SAP Disclosure Management, version 10.1, had insufficient protection against Cross-Site Request Forgery, which could be used to trick user in to browsing malicious site.
8.8CVSS
8.5AI Score
0.001EPSS
SAP Disclosure Management, version 10.1, is vulnerable to Session Fixation attacks wherein the attacker tricks the user into using a specific session ID.
6.3CVSS
6.2AI Score
0.001EPSS
SAP Disclosure Management, version 10.1, session mechanism does not have expiration data set therefore allows unlimited access after authenticating once, leading to Insufficient Session Expiration
8.8CVSS
8.5AI Score
0.001EPSS
Logout mechanism in SAP Disclosure Management, version 10.1, does not invalidate one of the session cookies, leading to Insufficient Session Expiration.
8.8CVSS
8.5AI Score
0.001EPSS
SAP NetWeaver (Knowledge Management), versions - 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to upload a malicious file and also to access, modify or make unavailable existing files but the impact is limited to the files themselves and is restricted by other policies such as access c...
6.5CVSS
6.6AI Score
0.001EPSS
Xvfb of SAP Business Objects Business Intelligence Platform, versions - 4.2, 4.3, platform on Unix does not perform any authentication checks for functionalities that require user identity.
9.1CVSS
9.3AI Score
0.002EPSS
Under certain conditions the SAP Adaptive Server Enterprise, version 16.0, allows an attacker to access encrypted sensitive and confidential information through publicly readable installation log files leading to a compromise of the installed Cockpit. This compromise could enable the attacker to vi...
7.8CVSS
7.3AI Score
0.0004EPSS
SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 753, 755, allows an attacker to inject code that can be executed by the application, leading to Code Injection. An attacker could thereby control the behavior of the application.
8.8CVSS
8.7AI Score
0.001EPSS
Under certain conditions the upgrade of SAP Data Hub 2.7 to SAP Data Intelligence, version - 3.0, allows an attacker to access confidential system configuration information, that should otherwise be restricted, leading to Information Disclosure.
4.4CVSS
4.7AI Score
0.0004EPSS
SAP Banking Services (Generic Market Data), versions - 400, 450, 500, allows an unauthorized user to display protected Business Partner Generic Market Data (GMD) and change related GMD key figure values, due to Missing Authorization Check.
8.1CVSS
7.9AI Score
0.001EPSS
SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 740, 750, 751, 752, 753, 754, 755, allows a business user to access the list of users in the given system using value help, leading to Information Disclosure.
4.3CVSS
4.6AI Score
0.001EPSS
SAP Business Objects Business Intelligence Platform (Central Management Console), versions- 4.2, 4.3, allows an attacker with administrator rights can use the web application to send malicious code to a different end user (victim), as it does not sufficiently encode user-controlled inputs for Recyc...
4.8CVSS
4.9AI Score
0.001EPSS
SAP ERP (HCM Travel Management), versions - 600, 602, 603, 604, 605, 606, 607, 608, allows an authenticated but unauthorized attacker to read, modify and settle trips, resulting in escalation of privileges, due to Missing Authorization Check.
8.1CVSS
8AI Score
0.001EPSS
SAP Commerce versions 6.7, 1808, 1811, 1905, 2005 contains the jSession ID in the backoffice URL when the application is loaded initially. An attacker can get this session ID via shoulder surfing or man in the middle attack and subsequently get access to admin user accounts, leading to Session Fixa...
8.1CVSS
7.9AI Score
0.002EPSS
SAP Disclosure Management, before version 10.1, does not validate user input properly in specific use cases leading to Cross-Site Scripting.
5.4CVSS
5.5AI Score
0.001EPSS
Improper input validation in SAP NetWeaver Internet Communication Manager (update provided in KRNL32NUC & KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT KRNL64NUC & KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49 KERNEL 7.21, 7.49, 7.53) allows an attacker to prevent users from accessing its services through a ...
7.5CVSS
7.3AI Score
0.001EPSS
PI Rest Adapter of SAP Process Integration (update provided in SAP_XIAF 7.31, 7.40, 7.50) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
6.1CVSS
6AI Score
0.001EPSS
Missing authorization check in a transaction within SAP Leasing (update provided in SAP_APPL 6.18, EA-APPL 6.0, 6.02, 6.03, 6.04, 6.05, 6.06, 6.16 and 6.17).
2.7CVSS
4.1AI Score
0.001EPSS
Automated Note Search Tool (update provided in SAP Basis 7.0, 7.01, 7.02, 7.31, 7.4, 7.5, 7.51, 7.52, 7.53 and 7.54) does not perform sufficient authorization checks leading to the reading of sensitive information.
4.3CVSS
4.6AI Score
0.001EPSS
SAP BusinessObjects Business Intelligence Platform (Web Services) versions - 410, 420, 430, allows an unauthenticated attacker to inject arbitrary values as CMS parameters to perform lookups on the internal network which is otherwise not accessible externally. On successful exploitation, attacker c...
5.3CVSS
5.7AI Score
0.006EPSS
SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11), does not perform any authentication checks for a web service allowing the attacker to send several payloads and leading to complete denial of service.
7.5CVSS
7.6AI Score
0.001EPSS
Improper access control in SOA Configuration Trace component in SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 702, 730, 731, 740, 750, allows any authenticated user to enumerate all SAP users, leading to Information Disclosure.
4.3CVSS
4.5AI Score
0.001EPSS
Banking services from SAP 9.0 (Bank Analyzer), version - 500, and SAP S/4HANA for financial products subledger, version � 100, does not correctly perform necessary authorization checks for an authenticated user due to Improper Authorization checks, that may cause a system administrator to create in...
6.5CVSS
6.6AI Score
0.001EPSS
SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), versions - 4.1, 4.2, allows an attacker with a non-administrative user account that can edit certain web page properties, can modify how a browser processes particular page elements, leading to stored Cross Site S...
5.4CVSS
5.3AI Score
0.001EPSS
SAP NetWeaver Application Server JAVA(XML Forms) versions 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user controlled inputs, which allows an authenticated User with special roles to store malicious content, that when accessed by a victim, can perform malicious actions by executing JavaScri...
6.5CVSS
6.1AI Score
0.001EPSS