Known Vulnerabilities for products from Sap
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Sap".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-24399 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.1 - MEDIUM | 2022-03-10 | 2022-12-22 |
| CVE-2022-24398 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2022-03-10 | 2022-03-16 |
| CVE-2022-24397 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.1 - MEDIUM | 2022-03-10 | 2022-03-16 |
| CVE-2022-24396 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.8 - HIGH | 2022-03-10 | 2023-11-07 |
| CVE-2022-24395 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.1 - MEDIUM | 2022-03-10 | 2022-03-16 |
| CVE-2022-22547 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-03-10 | 2022-10-28 |
| CVE-2022-22546 | Due to improper HTML encoding in input control summary, an authorized attacker can execute XSS vulnerability in SAP Business ... | 5.4 - MEDIUM | 2022-02-09 | 2022-10-25 |
| CVE-2022-22545 | A high privileged user who has access to transaction SM59 can read connection details stored with the destination for http ca... | 4.9 - MEDIUM | 2022-02-09 | 2022-10-25 |
| CVE-2022-22544 | Solution Manager (Diagnostics Root Cause Analysis Tools) - version 720, allows an administrator to execute code on all connec... | 9.1 - CRITICAL | 2022-02-09 | 2022-10-25 |
| CVE-2022-22543 | SAP NetWeaver Application Server for ABAP (Kernel) and ABAP Platform (Kernel) - versions KERNEL 7.22, 8.04, 7.49, 7.53, 7.77,... | 7.5 - HIGH | 2022-02-09 | 2022-10-25 |
| CVE-2022-22542 | S/4HANA Supplier Factsheet exposes the private address and bank details of an Employee Business Partner with Supplier Role, A... | 6.5 - MEDIUM | 2022-02-09 | 2022-10-26 |
| CVE-2022-22541 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2022-04-12 | 2022-04-20 |
| CVE-2022-22540 | SAP NetWeaver AS ABAP (Workplace Server) - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 787, allows a... | 7.5 - HIGH | 2022-02-09 | 2022-10-05 |
| CVE-2022-22539 | When a user opens a manipulated JPEG file format (.jpg, 2d.x3d) received from untrusted sources in SAP 3D Visual Enterprise V... | 6.5 - MEDIUM | 2022-02-09 | 2022-10-26 |
| CVE-2022-22538 | When a user opens a manipulated Adobe Illustrator file format (.ai, ai.x3d) received from untrusted sources in SAP 3D Visual ... | 6.5 - MEDIUM | 2022-02-09 | 2022-10-26 |
| CVE-2022-22537 | When a user opens a manipulated Tagged Image File Format (.tiff, 2d.x3d)) received from untrusted sources in SAP 3D Visual En... | 6.5 - MEDIUM | 2022-02-09 | 2023-07-24 |
| CVE-2022-22536 | SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP ... | 10 - CRITICAL | 2022-02-09 | 2023-09-27 |
| CVE-2022-22535 | SAP ERP HCM Portugal - versions 600, 604, 608, does not perform necessary authorization checks for a report that reads the pa... | 6.5 - MEDIUM | 2022-02-09 | 2022-10-27 |
| CVE-2022-22534 | Due to insufficient encoding of user input, SAP NetWeaver allows an unauthenticated attacker to inject code that may expose s... | 6.1 - MEDIUM | 2022-02-09 | 2022-10-27 |
| CVE-2022-22533 | Due to improper error handling in SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7... | 7.5 - HIGH | 2022-02-09 | 2022-10-27 |
Known software with vulnerabilities from Sap
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Sap | 3d Visual Enterprise Viewer | - |
| Application | Sap | Abap Platform | 7.31 |
| Application | Sap | Activex Viewer | 1.0.0 |
| Application | Sap | Adaptive Extensions | 1.0 |
| Application | Sap | Adaptive Server Enterprise | 15.7 |
| Application | Sap | Adaptive Server Enterprise Backup Server | 16.0 |
| Application | Sap | Adaptive Server Enterprise Cockpit | 16.0 |
| Application | Sap | Adminadapter | - |
| Application | Sap | Afaria | 7.0 |
| Application | Sap | Agentry Sdk | 7.1 |
| Application | Sap | Application Server | 740 |
| Application | Sap | Application Server Java | 7.2 |
| Application | Sap | Background Processing | - |
| Application | Sap | Bank Analyzer | 500 |
| Application | Sap | Banking Services | 400 |
| Application | Sap | Basis | 7.0 |
| Application | Sap | Basis Communication Services | 4.6 |
| Application | Sap | Bi Launchpad | - |
| Application | Sap | Bi Universal Data Integration | - |
| Application | Sap | Business Application Software Integrated Solution | 7.00 |