Known Vulnerabilities for Commoncryptolib by Sap
Listed below are 4 of the newest known vulnerabilities associated with "Commoncryptolib" by "Sap".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-40309 json | SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong authorization chec... | 9.8 - CRITICAL | 2023-09-12 | 2023-09-15 |
| CVE-2023-40308 json | SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a mem... | 7.5 - HIGH | 2023-09-12 | 2023-09-15 |
| CVE-2021-38177 json | SAP CommonCryptoLib version 8.5.38 or lower is vulnerable to null pointer dereference vulnerability when an unauthenticated a... | 7.5 - HIGH | 2021-09-14 | 2022-01-28 |
| CVE-2014-8587 json | SAPCRYPTOLIB before 5.555.38, SAPSECULIB, and CommonCryptoLib before 8.4.30, as used in SAP NetWeaver AS for ABAP and SAP HAN... | 7.5 - HIGH | 2014-11-04 | 2023-10-03 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Sap | Commoncryptolib | 8.4.29 |