Vulnerabilidades em SAP
159 resultadosCVE-2023-23854LOWSAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, does not perform necessary auEPSS 0.5%CVE-2022-41275MEDIUMIn SAP Solution Manager (Enterprise Search) - versions 740, and 750, an unauthenticated attacker can generate a link that, if clicked by a lEPSS 0.5%CVE-2023-24527MEDIUMImproper Access Control in SAP NetWeaver AS Java for Deploy ServiceEPSS 0.5%CVE-2023-27268MEDIUMImproper Access Control in SAP NetWeaver AS Java (Object Analyzing Service)EPSS 0.4%CVE-2023-29189MEDIUMHTTP Verb Tampering vulnerability in SAP CRM (WebClient UI)EPSS 0.4%CVE-2022-41262MEDIUMDue to insufficient input validation, SAP NetWeaver AS Java (HTTP Provider Service) - version 7.50, allows an unauthenticated attacker to inEPSS 0.4%CVE-2023-29108MEDIUMIP filter vulnerability in ABAP Platform and SAP Web Dispatcher EPSS 0.4%CVE-2023-23852MEDIUMSAP Solution Manager (System Monitoring) - version 720, does not sufficiently encode user-controlled inputs, resulting in Cross-Site ScriptiEPSS 0.4%CVE-2023-26457MEDIUMCross-Site Scripting (XSS) vulnerability in SAP Content ServerEPSS 0.4%CVE-2023-29111LOWInformation Disclosure vulnerability in SAP Application Interface Framework (ODATA service)EPSS 0.4%CVE-2022-41266HIGHDue to a lack of proper input validation, SAP Commerce Webservices 2.0 (Swagger UI) - versions 1905, 2005, 2105, 2011, 2205, allows maliciouEPSS 0.4%CVE-2023-27895MEDIUMInformation Disclosure vulnerability in SAP Authenticator for AndroidEPSS 0.4%CVE-2023-23859MEDIUMSAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated attaEPSS 0.4%CVE-2023-1903MEDIUMMissing Authorization check in SAP HCM Fiori App My Forms (Fiori 2.0)EPSS 0.4%CVE-2023-24522MEDIUMDue to insufficient input sanitization, SAP NetWeaver AS ABAP (Business Server Pages) - versions 700, 701, 702, 731, 740, allows an unauthenEPSS 0.4%CVE-2023-25614MEDIUMSAP NetWeaver AS ABAP (BSP Framework) application - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allow an unautEPSS 0.4%CVE-2023-24521MEDIUMDue to insufficient input sanitization, SAP NetWeaver AS ABAP (BSP Framework) - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 7EPSS 0.4%CVE-2023-0024MEDIUMSAP Solution Manager (BSP Application) - version 720, allows an authenticated attacker to craft a malicious link, which when clicked by an uEPSS 0.4%CVE-2023-28761MEDIUMMissing Authentication check in SAP NetWeaver Enterprise PortalEPSS 0.4%CVE-2023-26459HIGHServer Side Request Forgery (SSRF) vulnerability in SAP NetWeaver AS for ABAP and ABAP PlatformEPSS 0.4%