Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

sap netweaver 757 vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2023-29186
In SAP NetWeaver (BI CONT ADDON) - versions 707, 737, 747, 757, an attacker can exploit a directory traversal flaw in a report to upload and overwrite files on the SAP server. Data cannot be read but if a remote attacker has sufficient (administrative) privileges then potentially...
Sap Netweaver 707Sap Netweaver 737Sap Netweaver 747Sap Netweaver 757
NA
CVE-2023-32114
SAP NetWeaver (Change and Transport System) - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an authenticated user with admin privileges to maliciously run a benchmark program repeatedly in intent to slowdown or make the server unavailable which may lead t...
Sap Netweaver 702Sap Netweaver 731Sap Netweaver 740Sap Netweaver 750Sap Netweaver 751Sap Netweaver 752Sap Netweaver 753Sap Netweaver 754Sap Netweaver 755Sap Netweaver 756Sap Netweaver 757
NA
CVE-2023-33989
An attacker with non-administrative authorizations in SAP NetWeaver (BI CONT ADD ON) - versions 707, 737, 747, 757, can exploit a directory traversal flaw to over-write system files. Data from confidential files cannot be read but potentially some OS files can be over-written lea...
Sap Netweaver Bi Content 737Sap Netweaver Bi Content 747Sap Netweaver Bi Content 757Sap Netweaver Bi Content 707
NA
CVE-2023-40624
SAP NetWeaver AS ABAP (applications based on Unified Rendering) - versions SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, SAP_UI 758, SAP_BASIS 702, SAP_BASIS 731, allows an malicious user to inject JavaScript code that can be executed in the web-application. An attacker could t...
Sap Netweaver Application Server Abap 702Sap Netweaver Application Server Abap 754Sap Netweaver Application Server Abap 755Sap Netweaver Application Server Abap 731Sap Netweaver Application Server Abap 756Sap Netweaver Application Server Abap 757Sap Netweaver Application Server Abap 758
NA
CVE-2023-23858
Due to insufficient input validation, SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated malicious user to send a crafted URL to a user, and by clicking the URL, the tricked user accesses SAP and...
Sap Netweaver Application Server Abap 750Sap Netweaver Application Server Abap 752Sap Netweaver Application Server Abap 753Sap Netweaver Application Server Abap 754Sap Netweaver Application Server Abap 755Sap Netweaver Application Server Abap 756Sap Netweaver Application Server Abap 740Sap Netweaver Application Server Abap 751Sap Netweaver Application Server Abap 757
NA
CVE-2023-28763
SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, allows an attacker authenticated as a non-administrative user to craft a request with certain parameters which can consume the server's resources sufficiently to make it ...
Sap Netweaver Application Server Abap 750Sap Netweaver Application Server Abap 752Sap Netweaver Application Server Abap 753Sap Netweaver Application Server Abap 754Sap Netweaver Application Server Abap 755Sap Netweaver Application Server Abap 756Sap Netweaver Application Server Abap 740Sap Netweaver Application Server Abap 751Sap Netweaver Application Server Abap 757Sap Netweaver Application Server Abap 791
NA
CVE-2023-23859
SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated malicious user to craft a malicious link, which when clicked by an unsuspecting user, can be used to read or modify some sensitive information.
Sap Netweaver Application Server Abap 750Sap Netweaver Application Server Abap 752Sap Netweaver Application Server Abap 753Sap Netweaver Application Server Abap 754Sap Netweaver Application Server Abap 755Sap Netweaver Application Server Abap 756Sap Netweaver Application Server Abap 740Sap Netweaver Application Server Abap 751Sap Netweaver Application Server Abap 789Sap Netweaver Application Server Abap 757Sap Netweaver Application Server Abap 790
NA
CVE-2023-23860
SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated malicious user to craft a link, which when clicked by an unsuspecting user can be used to redirect a user to a malicious site which could read o...
Sap Netweaver Application Server Abap 750Sap Netweaver Application Server Abap 752Sap Netweaver Application Server Abap 753Sap Netweaver Application Server Abap 754Sap Netweaver Application Server Abap 755Sap Netweaver Application Server Abap 756Sap Netweaver Application Server Abap 740Sap Netweaver Application Server Abap 751Sap Netweaver Application Server Abap 789Sap Netweaver Application Server Abap 757Sap Netweaver Application Server Abap 790
NA
CVE-2023-0013
The ABAP Keyword Documentation of SAP NetWeaver Application Server - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, for ABAP and ABAP Platform does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. On successfu...
Sap Netweaver Application Server Abap 702Sap Netweaver Application Server Abap 750Sap Netweaver Application Server Abap 752Sap Netweaver Application Server Abap 753Sap Netweaver Application Server Abap 754Sap Netweaver Application Server Abap 755Sap Netweaver Application Server Abap 756Sap Netweaver Application Server Abap 731Sap Netweaver Application Server Abap 740Sap Netweaver Application Server Abap 751Sap Netweaver Application Server Abap 757
NA
CVE-2023-27500
An attacker with non-administrative authorizations can exploit a directory traversal flaw in program SAPRSBRO to over-write system files. In this attack, no data can be read but potentially critical OS files can be over-written making the system unavailable.
Sap Netweaver Application Server Abap 702Sap Netweaver Application Server Abap 750Sap Netweaver Application Server Abap 752Sap Netweaver Application Server Abap 753Sap Netweaver Application Server Abap 754Sap Netweaver Application Server Abap 755Sap Netweaver Application Server Abap 756Sap Netweaver Application Server Abap 700Sap Netweaver Application Server Abap 731Sap Netweaver Application Server Abap 740Sap Netweaver Application Server Abap 751Sap Netweaver Application Server Abap 701Sap Netweaver Application Server Abap 757
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook