Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap netweaver 7.30 vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2020-6326
SAP NetWeaver (Knowledge Management), version-7.30,7.31,7.40,7.50, allows an authenticated malicious user to create malicious links in the UI, when clicked by victim, will execute arbitrary java scripts thus extracting or modifying information otherwise restricted leading to Stor...
Sap Netweaver Knowledge Management 7.31
Sap Netweaver Knowledge Management 7.40
Sap Netweaver Knowledge Management 7.50
Sap Netweaver Knowledge Management 7.30
383
VMScore
CVE-2022-35227
A vulnerability in SAP NW EP (WPC) - versions 7.30, 7.31, 7.40, 7.50, which does not sufficiently validate user-controlled input, allows a remote malicious user to conduct a Cross-Site (XSS) scripting attack. A successful exploit could allow the malicious user to execute arbitrar...
Sap Netweaver Enterprise Portal 7.31
Sap Netweaver Enterprise Portal 7.30
Sap Netweaver Enterprise Portal 7.40
Sap Netweaver Enterprise Portal 7.50
356
VMScore
CVE-2021-27599
SAP NetWeaver ABAP Server and ABAP Platform (Process Integration - Integration Builder Framework), versions - 7.10, 7.30, 7.31, 7.40, 7.50, allows an malicious user to access information under certain conditions, which would otherwise be restricted.
Sap Netweaver Process Integration 7.10
Sap Netweaver Process Integration 7.30
Sap Netweaver Process Integration 7.31
Sap Netweaver Process Integration 7.40
Sap Netweaver Process Integration 7.50
490
VMScore
CVE-2020-6366
SAP NetWeaver (Compare Systems) versions - 7.20, 7.30, 7.40, 7.50, does not sufficiently validate uploaded XML documents. An attacker with administrative privileges can retrieve arbitrary files including files on OS level from the server and/or can execute a denial-of-service.
Sap Netweaver Compare Systems 7.30
Sap Netweaver Compare Systems 7.40
Sap Netweaver Compare Systems 7.31
Sap Netweaver Compare Systems 7.50
Sap Netweaver Compare Systems 7.20
445
VMScore
CVE-2019-0282
Several web pages in SAP NetWeaver Process Integration (Runtime Workbench), fixed in versions 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50; can be accessed without user authentication, which might expose internal data like release information, Java package and Java object names which can...
Sap Netweaver Process Integration 7.10
Sap Netweaver Process Integration 7.11
Sap Netweaver Process Integration 7.30
Sap Netweaver Process Integration 7.31
Sap Netweaver Process Integration 7.40
Sap Netweaver Process Integration 7.50
383
VMScore
CVE-2019-0337
Java Proxy Runtime of SAP NetWeaver Process Integration, versions 7.10, 7.11, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs and allows an malicious user to execute malicious scripts in the url thereby resulting in Reflected Cross-Site Scripting (XSS)...
Sap Netweaver Process Integration 7.10
Sap Netweaver Process Integration 7.11
Sap Netweaver Process Integration 7.30
Sap Netweaver Process Integration 7.31
Sap Netweaver Process Integration 7.40
Sap Netweaver Process Integration 7.50
490
VMScore
CVE-2019-0283
SAP NetWeaver Process Integration (Adapter Engine), fixed in versions 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50; is vulnerable to Digital Signature Spoofing. It is possible to spoof XML signatures and send arbitrary requests to the server via PI Axis adapter. These requests will be ac...
Sap Netweaver Process Integration 7.10
Sap Netweaver Process Integration 7.11
Sap Netweaver Process Integration 7.30
Sap Netweaver Process Integration 7.31
Sap Netweaver Process Integration 7.40
Sap Netweaver Process Integration 7.50
356
VMScore
CVE-2021-27604
In order to prevent XML External Entity vulnerability in SAP NetWeaver ABAP Server and ABAP Platform (Process Integration - Enterprise Service Repository JAVA Mappings), versions - 7.10, 7.20, 7.30, 7.31, 7.40, 7.50, SAP recommends to refer this note.
Sap Netweaver Process Integration 7.10
Sap Netweaver Process Integration 7.30
Sap Netweaver Process Integration 7.31
Sap Netweaver Process Integration 7.40
Sap Netweaver Process Integration 7.50
Sap Netweaver Process Integration 7.20
578
VMScore
CVE-2021-33671
SAP NetWeaver Guided Procedures (Administration Workset), versions - 7.10, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. The impact of missing authorization could result to abuse of ...
Sap Netweaver Guided Procedures 7.20
Sap Netweaver Guided Procedures 7.30
Sap Netweaver Guided Procedures 7.31
Sap Netweaver Guided Procedures 7.40
Sap Netweaver Guided Procedures 7.50
Sap Netweaver Guided Procedures 7.10
578
VMScore
CVE-2021-33690
Server-Side Request Forgery (SSRF) vulnerability has been detected in the SAP NetWeaver Development Infrastructure Component Build Service versions - 7.11, 7.20, 7.30, 7.31, 7.40, 7.50The SAP NetWeaver Development Infrastructure Component Build Service allows a threat actor who h...
Sap Netweaver Development Infrastructure 7.11
Sap Netweaver Development Infrastructure 7.20
Sap Netweaver Development Infrastructure 7.30
Sap Netweaver Development Infrastructure 7.31
Sap Netweaver Development Infrastructure 7.40
Sap Netweaver Development Infrastructure 7.50
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »