Known Vulnerabilities for products from Sap
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Sap".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2024-22125 json | 7.5 - HIGH | 2024-01-09 | 2024-01-12 | |
| CVE-2024-22124 json | 7.5 - HIGH | 2024-01-09 | 2024-01-22 | |
| CVE-2024-21738 json | 5.4 - MEDIUM | 2024-01-09 | 2024-01-11 | |
| CVE-2024-21737 json | 9.1 - CRITICAL | 2024-01-09 | 2024-01-16 | |
| CVE-2024-21736 json | 6.5 - MEDIUM | 2024-01-09 | 2024-01-19 | |
| CVE-2024-21735 json | 7.2 - HIGH | 2024-01-09 | 2024-01-30 | |
| CVE-2024-21734 json | 5.4 - MEDIUM | 2024-01-09 | 2024-01-12 | |
| CVE-2023-42480 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.3 - MEDIUM | 2023-11-14 | 2023-11-20 |
| CVE-2023-42477 json | SAP NetWeaver AS Java (GRMG Heartbeat application) - version 7.50, allows an attacker to send a crafted request from a vulne... | 6.5 - MEDIUM | 2023-10-10 | 2023-10-16 |
| CVE-2023-42475 json | The Statutory Reporting application has a vulnerable file storage location, potentially enabling low privileged attacker to r... | 4.3 - MEDIUM | 2023-10-10 | 2023-10-11 |
| CVE-2023-42474 json | SAP BusinessObjects Web Intelligence - version 420, has a URL with parameter that could be vulnerable to XSS attack. The atta... | 5.4 - MEDIUM | 2023-10-10 | 2023-10-11 |
| CVE-2023-42473 json | S/4HANA Manage (Withholding Tax Items) - version 106, does not perform necessary authorization checks for an authenticated u... | 5.4 - MEDIUM | 2023-10-10 | 2023-10-11 |
| CVE-2023-42472 json | Due to insufficient file type validation, SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interfac... | 7.3 - HIGH | 2023-09-12 | 2023-09-13 |
| CVE-2023-41369 json | The Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, 107, 108, allows an attac... | 4.3 - MEDIUM | 2023-09-12 | 2023-09-14 |
| CVE-2023-41368 json | The OData service of the S4 HANA (Manage checkbook apps) - versions 102, 103, 104, 105, 106, 107, allows an attacker to chang... | 5.3 - MEDIUM | 2023-09-12 | 2023-09-14 |
| CVE-2023-41367 json | Due to missing authentication check in webdynpro application, an unauthorized user in SAP NetWeaver (Guided Procedures) - ver... | 5.3 - MEDIUM | 2023-09-12 | 2023-09-13 |
| CVE-2023-41366 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.3 - MEDIUM | 2023-11-14 | 2023-11-20 |
| CVE-2023-41365 json | SAP Business One (B1i) - version 10.0, allows an authorized attacker to retrieve the details stack trace of the fault message... | 4.3 - MEDIUM | 2023-10-10 | 2023-10-11 |
| CVE-2023-40625 json | S4CORE (Manage Purchase Contracts App) - versions 102, 103, 104, 105, 106, 107, does not perform necessary authorization chec... | 5.4 - MEDIUM | 2023-09-12 | 2023-09-13 |
| CVE-2023-40624 json | SAP NetWeaver AS ABAP (applications based on Unified Rendering) - versions SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, S... | 5.4 - MEDIUM | 2023-09-12 | 2023-09-15 |
Known software with vulnerabilities from Sap
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Sap | 3d Visual Enterprise Viewer | - |
| Application | Sap | Abap Platform | 7.31 |
| Application | Sap | Activex Viewer | 1.0.0 |
| Application | Sap | Adaptive Extensions | 1.0 |
| Application | Sap | Adaptive Server Enterprise | 15.7 |
| Application | Sap | Adaptive Server Enterprise Backup Server | 16.0 |
| Application | Sap | Adaptive Server Enterprise Cockpit | 16.0 |
| Application | Sap | Adminadapter | - |
| Application | Sap | Afaria | 7.0 |
| Application | Sap | Agentry Sdk | 7.1 |
| Application | Sap | Application Server | 2008_1_46c |
| Application | Sap | Application Server Java | 7.2 |
| Application | Sap | Background Processing | - |
| Application | Sap | Banking Services | 400 |
| Application | Sap | Bank Analyzer | 500 |
| Application | Sap | Basis | 7.0 |
| Application | Sap | Basis Communication Services | 4.6 |
| Application | Sap | Bi Launchpad | - |
| Application | Sap | Bi Universal Data Integration | - |
| Application | Sap | Businessobjects | - |