Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap basis vulnerabilities and exploits
(subscribe to this query)
8
CVSSv3
CVE-2018-2494
Necessary authorization checks for an authenticated user, resulting in escalation of privileges, have been fixed in SAP Basis AS ABAP of SAP NetWeaver 700 to 750, from 750 onwards delivered as ABAP Platform.
Sap Business Application Software Integrated Solution
Sap Business Application Software Integrated Solution 7.31
Sap Business Application Software Integrated Solution 7.40
7.2
CVSSv3
CVE-2018-2478
An attacker can use specially crafted inputs to execute commands on the host of a TREX / BWA installation, SAP Basis, versions: 7.0 to 7.02, 7.10 to 7.11, 7.30, 7.31, 7.40 and 7.50 to 7.53. Not all commands are possible, only those that can be executed by the <sid>adm user....
Sap Basis 7.30
Sap Basis 7.31
Sap Basis 7.40
Sap Basis
8.8
CVSSv3
CVE-2018-2367
ABAP File Interface in, SAP BASIS, from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an malicious user to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" a...
Sap Business Application Software Integrated Solution
Sap Business Application Software Integrated Solution 7.30
Sap Business Application Software Integrated Solution 7.31
Sap Business Application Software Integrated Solution 7.40
8.8
CVSSv3
CVE-2018-2363
SAP NetWeaver, SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, contains code that allows you to execute arbitrary program code of the user's choice. A malicious user can therefore control the behaviour of the system or can potentially esc...
Sap Netweaver -
Sap Business Application Software Integrated Solution
Sap Business Application Software Integrated Solution 7.30
Sap Business Application Software Integrated Solution 7.31
Sap Business Application Software Integrated Solution 7.40
7.2
CVSSv3
CVE-2017-16682
SAP NetWeaver Internet Transaction Server (ITS), SAP Basis from 7.00 to 7.02, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker with administrator credentials to inject code that can be executed by the application and thereby control the behavior of the application.
Sap Netweaver Internet Transaction Server -
Sap Business Application Software Integrated Solution
Sap Business Application Software Integrated Solution 7.30
Sap Business Application Software Integrated Solution 7.31
Sap Business Application Software Integrated Solution 7.40
6.5
CVSSv3
CVE-2017-16691
SAP Note Assistant tool (SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31,7.40, from 7.50 to 7.52) supports upload of digitally signed note file of type 'SAR'. The digital signature verification is done together with the extraction of note file contained in th...
Sap Business Application Software Integrated Solution 7.30
Sap Business Application Software Integrated Solution 7.31
Sap Business Application Software Integrated Solution 7.40
Sap Business Application Software Integrated Solution 7.00
Sap Business Application Software Integrated Solution 7.01
Sap Business Application Software Integrated Solution 7.02
Sap Business Application Software Integrated Solution 7.10
Sap Business Application Software Integrated Solution 7.11
Sap Business Application Software Integrated Solution 7.50
Sap Business Application Software Integrated Solution 7.51
Sap Business Application Software Integrated Solution 7.52
7.5
CVSSv3
CVE-2016-4551
The (1) SAP_BASIS and (2) SAP_ABA components 7.00 SP Level 0031 in SAP NetWeaver 2004s might allow remote malicious users to spoof IP addresses written to the Security Audit Log via vectors related to the network landscape, aka SAP Security Note 2190621.
Sap Netweaver 2004s
Sap Sap Aba 7.00
Sap Sap Basis 7.00
NA
CVE-2014-8663
SQL injection vulnerability in Data Basis (BW-WHM-DBA) in SAP NetWeaver Business Warehouse allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Sap Netweaver Business Warehouse -
NA
CVE-2014-3130
The ABAP Help documentation and translation tools (BC-DOC-HLP) in Basis in SAP Netweaver ABAP Application Server does not properly restrict access, which allows local users to gain privileges and execute ABAP instructions via crafted help messages.
Sap Netweaver Abap Application Server -
NA
CVE-2013-3063
SAP BASIS Communication Services 4.6B up to and including 7.30 allows remote authenticated users to execute arbitrary commands via unspecified vectors.
Sap Basis Communication Services 7.30
Sap Basis Communication Services 4.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30065
CVE-2024-5843
CVE-2024-30080
code execution
CVE-2024-4577
CVE-2024-26169
wireless
remote code execution
CVE-2024-36103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »