Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap netweaver 7.50 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-31405
SAP NetWeaver AS for Java - versions ENGINEAPI 7.50, SERVERCORE 7.50, J2EE-APPS 7.50, allows an unauthenticated malicious user to craft a request over the network which can result in unwarranted modifications to a system log without user interaction. There is no ability to view a...
Sap Netweaver Application Server For Java 7.50
NA
CVE-2023-35872
The Message Display Tool (MDT) of SAP NetWeaver Process Integration - version SAP_XIAF 7.50, does not perform authentication checks for certain functionalities that require user identity. An unauthenticated user might access technical data about the product status and its configu...
Sap Netweaver Process Integration 7.50
NA
CVE-2023-35873
The Runtime Workbench (RWB) of SAP NetWeaver Process Integration - version SAP_XITOOL 7.50, does not perform authentication checks for certain functionalities that require user identity. An unauthenticated user might access technical data about the product status and its configur...
Sap Netweaver Process Integration 7.50
NA
CVE-2023-33985
SAP NetWeaver Enterprise Portal - version 7.50, does not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. On successful exploitation, an attacker can view or m...
Sap Netweaver 7.50
NA
CVE-2023-33984
SAP NetWeaver (Design Time Repository) - version 7.50, returns an unfavorable content type for some versioned files, which could allow an authorized malicious user to create a file with a malicious content and send a link to a victim in an email or instant message. Under certain ...
Sap Netweaver 7.50
NA
CVE-2023-30744
In SAP AS NetWeaver JAVA - versions SERVERCORE 7.50, J2EE-FRMW 7.50, CORE-TOOLS 7.50, an unauthenticated attacker can attach to an open interface and make use of an open naming and directory API to instantiate an object which has methods which can be called without further author...
Sap Netweaver Application Server For Java 7.50
NA
CVE-2023-28761
In SAP NetWeaver Enterprise Portal - version 7.50, an unauthenticated attacker can attach to an open interface and make use of an open API to access a service which will enable them to access or modify server settings and data, leading to limited impact on confidentiality and int...
Sap Netweaver Enterprise Portal 7.50
NA
CVE-2023-26460
Cache Management Service in SAP NetWeaver Application Server for Java - version 7.50, does not perform any authentication checks for functionalities that require user identity
Sap Netweaver Application Server For Java 7.50
NA
CVE-2023-26461
SAP NetWeaver allows (SAP Enterprise Portal) - version 7.50, allows an authenticated attacker with sufficient privileges to access the XML parser which can submit a crafted XML file which when parsed will enable them to access but not modify sensitive files and data. It allows th...
Sap Netweaver Enterprise Portal 7.50
NA
CVE-2023-23857
Due to missing authentication check, SAP NetWeaver AS for Java - version 7.50, allows an unauthenticated malicious user to attach to an open interface and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affectin...
Sap Netweaver Application Server For Java 7.50
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30065
CVE-2024-5843
CVE-2024-30080
code execution
CVE-2024-4577
CVE-2024-26169
wireless
remote code execution
CVE-2024-36103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »