Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap basis 7.02 vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2020-6307
Automated Note Search Tool (update provided in SAP Basis 7.0, 7.01, 7.02, 7.31, 7.4, 7.5, 7.51, 7.52, 7.53 and 7.54) does not perform sufficient authorization checks leading to the reading of sensitive information.
Sap Basis 7.0
Sap Basis 7.01
Sap Basis 7.02
Sap Basis 7.31
Sap Basis 7.40
Sap Basis 7.50
Sap Basis 7.51
Sap Basis 7.52
Sap Basis 7.53
Sap Basis 7.54
6.5
CVSSv2
CVE-2019-0279
ABAP BASIS function modules INST_CREATE_R3_RFC_DEST, INST_CREATE_TCPIP_RFCDEST, and INST_CREATE_TCPIP_RFC_DEST in SAP BASIS (fixed in versions 7.0 to 7.02, 7.10 to 7.30, 7.31, 7.40, 7.50 to 7.53) do not perform necessary authorization checks in all circumstances for an authentica...
Sap Business Application Software Integrated Solution 7.31
Sap Business Application Software Integrated Solution
Sap Business Application Software Integrated Solution 7.40
6.5
CVSSv2
CVE-2018-2478
An attacker can use specially crafted inputs to execute commands on the host of a TREX / BWA installation, SAP Basis, versions: 7.0 to 7.02, 7.10 to 7.11, 7.30, 7.31, 7.40 and 7.50 to 7.53. Not all commands are possible, only those that can be executed by the <sid>adm user....
Sap Basis 7.31
Sap Basis 7.40
Sap Basis
Sap Basis 7.30
6.5
CVSSv2
CVE-2018-2367
ABAP File Interface in, SAP BASIS, from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an malicious user to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" a...
Sap Business Application Software Integrated Solution
Sap Business Application Software Integrated Solution 7.31
Sap Business Application Software Integrated Solution 7.40
Sap Business Application Software Integrated Solution 7.30
6.5
CVSSv2
CVE-2018-2363
SAP NetWeaver, SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, contains code that allows you to execute arbitrary program code of the user's choice. A malicious user can therefore control the behaviour of the system or can potentially esc...
Sap Netweaver -
Sap Business Application Software Integrated Solution 7.30
Sap Business Application Software Integrated Solution
Sap Business Application Software Integrated Solution 7.40
Sap Business Application Software Integrated Solution 7.31
6.5
CVSSv2
CVE-2017-16682
SAP NetWeaver Internet Transaction Server (ITS), SAP Basis from 7.00 to 7.02, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker with administrator credentials to inject code that can be executed by the application and thereby control the behavior of the application.
Sap Netweaver Internet Transaction Server -
Sap Business Application Software Integrated Solution
Sap Business Application Software Integrated Solution 7.31
Sap Business Application Software Integrated Solution 7.40
Sap Business Application Software Integrated Solution 7.30
5.8
CVSSv2
CVE-2017-16691
SAP Note Assistant tool (SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31,7.40, from 7.50 to 7.52) supports upload of digitally signed note file of type 'SAR'. The digital signature verification is done together with the extraction of note file contained in th...
Sap Business Application Software Integrated Solution 7.10
Sap Business Application Software Integrated Solution 7.30
Sap Business Application Software Integrated Solution 7.52
Sap Business Application Software Integrated Solution 7.00
Sap Business Application Software Integrated Solution 7.01
Sap Business Application Software Integrated Solution 7.31
Sap Business Application Software Integrated Solution 7.40
Sap Business Application Software Integrated Solution 7.50
Sap Business Application Software Integrated Solution 7.51
Sap Business Application Software Integrated Solution 7.02
Sap Business Application Software Integrated Solution 7.11
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started