Vulnerabilidades en SAP SE
778 resultadosCVE-2018-2428MEDIUMUnder certain conditions SAP UI5 Handler allows an attacker to access information which would otherwise be restricted. Software components aEPSS 1.8%CVE-2020-26811MEDIUMSAP Commerce Cloud (Accelerator Payment Mock), versions - 1808, 1811, 1905, 2005, allows an unauthenticated attacker to submit a crafted reqEPSS 1.8%CVE-2019-0266—Under certain conditions SAP HANA Extended Application Services, version 1.0, advanced model (XS advanced) writes credentials of platform usEPSS 1.8%CVE-2019-0243—Under some circumstances, masterdata maintenance in SAP BW/4HANA (fixed in DW4CORE version 1.0 (SP08)) does not perform necessary authorizatEPSS 1.7%CVE-2018-2499—A security weakness in SAP Financial Consolidation Cube Designer (BOBJ_EADES fixed in versions 8.0, 10.1) may allow an attacker to discover EPSS 1.7%CVE-2019-0249—Under certain conditions SAP Landscape Management (VCM 3.0) allows an attacker to access information which would otherwise be restricted.EPSS 1.7%CVE-2022-22533—Due to improper error handling in SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7EPSS 1.7%CVE-2020-6192HIGHSAP Landscape Management, version 3.0, allows an attacker with admin privileges to execute malicious commands with root privileges in SAP HoEPSS 1.7%CVE-2019-0287—Under certain conditions SAP BusinessObjects Business Intelligence platform (Central Management Server), versions 4.2 and 4.3, allows an attEPSS 1.7%CVE-2018-2401MEDIUMSAP Business Process Automation (BPA) By Redwood does not sufficiently validate an XML document accepted from an untrusted source resulting EPSS 1.7%CVE-2018-2363—SAP NetWeaver, SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, contains code that allows you to executeEPSS 1.7%CVE-2020-6321MEDIUMSAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated U3D file received from untrusted sources which results in crEPSS 1.6%CVE-2021-33687MEDIUMSAP NetWeaver AS JAVA (Enterprise Portal), versions - 7.10, 7.20, 7.30, 7.31, 7.40, 7.50 reveals sensitive information in one of their HTTP EPSS 1.6%CVE-2019-0304—FTP Function of SAP NetWeaver AS ABAP Platform, versions- KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNEPSS 1.6%CVE-2020-6358MEDIUMSAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated FBX file received from untrusted sources which results in crEPSS 1.6%CVE-2020-6343MEDIUMSAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated EPS file received from untrusted sources which results in crEPSS 1.6%CVE-2020-6354MEDIUMSAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated SKP file received from untrusted sources which results in crEPSS 1.6%CVE-2020-6331MEDIUMSAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HPGL file received from untrusted sources which results in cEPSS 1.6%CVE-2018-2408HIGHImproper Session Management in SAP Business Objects, 4.0, from 4.10, from 4.20, 4.30, CMC/BI Launchpad/Fiorified BI Launchpad. In case of paEPSS 1.6%CVE-2020-6330MEDIUMSAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated 3DM file received from untrusted sources which results in crEPSS 1.6%