Known Vulnerabilities for Netweaver by Sap
Listed below are 10 of the newest known vulnerabilities associated with "Netweaver" by "Sap".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-22534 | Due to insufficient encoding of user input, SAP NetWeaver allows an unauthenticated attacker to inject code that may expose s... | 6.1 - MEDIUM | 2022-02-09 | 2022-10-27 |
| CVE-2021-38183 | SAP NetWeaver - versions 700, 701, 702, 730, does not sufficiently encode user-controlled inputs, allowing an attacker to cau... | 6.1 - MEDIUM | 2021-10-12 | 2021-10-19 |
| CVE-2021-38163 | SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an attacker authenticated as a... | 8.8 - HIGH | 2021-09-14 | 2023-08-08 |
| CVE-2021-21481 | The MigrationService, which is part of SAP NetWeaver versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform an a... | 8.8 - HIGH | 2021-03-09 | 2021-03-16 |
| CVE-2020-6309 | SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11), does... | 7.5 - HIGH | 2020-08-12 | 2021-07-21 |
| CVE-2020-6285 | SAP NetWeaver - XML Toolkit for JAVA (ENGINEAPI) (versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50), under certain conditio... | 6.5 - MEDIUM | 2020-07-14 | 2021-07-21 |
| CVE-2020-6203 | SAP NetWeaver UDDI Server (Services Registry), versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; allows an attacker to expl... | 9.1 - CRITICAL | 2020-03-10 | 2020-03-12 |
| CVE-2020-6185 | Under certain conditions ABAP Online Community in SAP NetWeaver (SAP_BASIS version 7.40) and SAP S/4HANA (SAP_BASIS versions ... | 5.4 - MEDIUM | 2020-02-12 | 2020-02-19 |
| CVE-2020-6184 | Under certain conditions, ABAP Online Community in SAP NetWeaver (SAP_BASIS version 7.40) and SAP S/4HANA (SAP_BASIS versions... | 6.1 - MEDIUM | 2020-02-12 | 2020-02-19 |
| CVE-2020-6181 | Under some circumstances the SAML SSO implementation in the SAP NetWeaver (SAP_BASIS versions 702, 730, 731, 740 and SAP ABAP... | 5.8 - MEDIUM | 2020-02-12 | 2020-02-21 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Sap | Netweaver | application_server_java | 7.50 | All | All |
| Application | Sap | Netweaver | application_server_java | 7.40 | All | All |
| Application | Sap | Netweaver | application_server_java | 7.31 | All | All |
| Application | Sap | Netweaver | application_server_java | 7.30 | All | All |
| Application | Sap | Netweaver | application_server_java | 7.20 | All | All |
| Application | Sap | Netweaver | application_server_java | 7.10 | All | All |
| Application | Sap | Netweaver | 7400.12.21.30308 | All | All | All |
| Application | Sap | Netweaver | 7.53 | All | All | All |
| Application | Sap | Netweaver | 7.52 | All | All | All |
| Application | Sap | Netweaver | 7.51 | All | All | All |
| Application | Sap | Netweaver | 7.50 | All | All | All |
| Application | Sap | Netweaver | 7.50 | All | All | All |
| Application | Sap | Netweaver | 7.5 | All | All | All |
| Application | Sap | Netweaver | 7.41 | All | All | All |
| Application | Sap | Netweaver | 7.40 | All | All | All |
| Application | Sap | Netweaver | 7.40 | All | All | All |
| Application | Sap | Netweaver | 7.31 | All | All | All |
| Application | Sap | Netweaver | 7.31 | All | All | All |
| Application | Sap | Netweaver | 7.30 | All | All | All |
| Application | Sap | Netweaver | 7.30 | sp04 | All | All |