Known Vulnerabilities for Netweaver Application Server Java by Sap
Listed below are 10 of the newest known vulnerabilities associated with "Netweaver Application Server Java" by "Sap".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-22533 | Due to improper error handling in SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7... | 7.5 - HIGH | 2022-02-09 | 2022-10-27 |
| CVE-2022-22532 | In SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNE... | 9.8 - CRITICAL | 2022-02-09 | 2022-09-30 |
| CVE-2021-33689 | When user with insufficient privileges tries to access any application in SAP NetWeaver Administrator (Administrator applicat... | 4.3 - MEDIUM | 2021-07-14 | 2021-07-16 |
| CVE-2021-33687 | SAP NetWeaver AS JAVA (Enterprise Portal), versions - 7.10, 7.20, 7.30, 7.31, 7.40, 7.50 reveals sensitive information in one... | 4.9 - MEDIUM | 2021-07-14 | 2022-05-03 |
| CVE-2021-33670 | SAP NetWeaver AS for Java (Http Service Monitoring Filter), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an at... | 7.5 - HIGH | 2021-07-14 | 2022-05-12 |
| CVE-2021-27601 | SAP NetWeaver AS Java (Applications based on HTMLB for Java) allows a basic-level authorized attacker to store a malicious fi... | 5.4 - MEDIUM | 2021-04-13 | 2021-04-20 |
| CVE-2021-27598 | SAP NetWeaver AS JAVA (Customer Usage Provisioning Servlet), versions - 7.31, 7.40, 7.50, allows an attacker to read some sta... | 5.3 - MEDIUM | 2021-04-13 | 2022-10-07 |
| CVE-2021-21492 | SAP NetWeaver Application Server Java(HTTP Service), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficient... | 4.3 - MEDIUM | 2021-04-13 | 2021-04-20 |
| CVE-2021-21491 | SAP Netweaver Application Server Java (Applications based on WebDynpro Java) versions 7.00, 7.10, 7.11, 7.20, 7.30, 7.31, 7.4... | 6.1 - MEDIUM | 2021-03-10 | 2021-03-17 |
| CVE-2021-21485 | An unauthorized attacker may be able to entice an administrator to invoke telnet commands of an SAP NetWeaver Application Ser... | 6.5 - MEDIUM | 2021-04-13 | 2022-07-12 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Sap | Netweaver Application Server Java | 7.5 | All | All | All |
| Application | Sap | Netweaver Application Server Java | 7.4 | All | All | All |
| Application | Sap | Netweaver Application Server Java | 7.3 | All | All | All |
| Application | Sap | Netweaver Application Server Java | 7.2 | All | All | All |
| Application | Sap | Netweaver Application Server Java | 7.11 | All | All | All |
| Application | Sap | Netweaver Application Server Java | 7.1 | All | All | All |
| Application | Sap | Netweaver Application Server Java | 7.05 | All | All | All |
| Application | Sap | Netweaver Application Server Java | 7.02 | All | All | All |
| Application | Sap | Netweaver Application Server Java | 7.01 | All | All | All |
| Application | Sap | Netweaver Application Server Java | 7.00 | All | All | All |