Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap netweaver 7.50 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-25644
Under certain conditions SAP NetWeaver WSRM - version 7.50, allows an malicious user to access information which would otherwise be restricted, causing low impact on Confidentiality with no impact on Integrity and Availability of the application.
NA
CVE-2024-25645
Under certain condition SAP NetWeaver (Enterprise Portal) - version 7.50 allows an malicious user to access information which would otherwise be restricted causing low impact on confidentiality of the application and with no impact on Integrity and Availability of the application...
NA
CVE-2024-28163
Under certain conditions, Support Web Pages of SAP NetWeaver Process Integration (PI) - versions 7.50, allows an malicious user to access information which would otherwise be restricted, causing low impact on Confidentiality with no impact on Integrity and Availability of the app...
NA
CVE-2024-22127
SAP NetWeaver Administrator AS Java (Administrator Log Viewer plug-in) - version 7.50, allows an attacker with high privileges to upload potentially dangerous files which leads to command injection vulnerability. This would enable the malicious user to run commands which can caus...
NA
CVE-2024-24743
SAP NetWeaver AS Java (CAF - Guided Procedures) - version 7.50, allows an unauthenticated malicious user to submit a malicious request with a crafted XML file over the network, which when parsed will enable him to access sensitive files and data but not modify them. There are exp...
NA
CVE-2024-22126
The User Admin application of SAP NetWeaver AS for Java - version 7.50, insufficiently validates and improperly encodes the incoming URL parameters before including them into the redirect URL. This results in Cross-Site Scripting (XSS) vulnerability, leading to a high impact on c...
NA
CVE-2023-42480
The unauthenticated attacker in NetWeaver AS Java Logon application - version 7.50, can brute force the login functionality to identify the legitimate user ids. This will have an impact on confidentiality but there is no other impact on integrity or availability.
Sap Netweaver Application Server Java 7.50
NA
CVE-2023-42477
SAP NetWeaver AS Java (GRMG Heartbeat application) - version 7.50, allows an malicious user to send a crafted request from a vulnerable web application, causing limited impact on confidentiality and integrity of the application.
Sap Netweaver Application Server Java 7.50
NA
CVE-2023-41367
Due to missing authentication check in webdynpro application, an unauthorized user in SAP NetWeaver (Guided Procedures) - version 7.50, can gain access to admin view of specific function anonymously. On successful exploitation of vulnerability under specific circumstances, attack...
Sap Netweaver 7.50
NA
CVE-2023-37488
In SAP NetWeaver Process Integration - versions SAP_XIESR 7.50, SAP_XITOOL 7.50, SAP_XIAF 7.50, user-controlled inputs, if not sufficiently encoded, could result in Cross-Site Scripting (XSS) attack. On successful exploitation the attacker can cause limited impact on confidential...
Sap Netweaver Process Integration 7.50
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »