Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap netweaver 7.20 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2020-6365
SAP NetWeaver AS Java, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, Start Page allows an unauthenticated remote malicious user to redirect users to a malicious site due to insufficient reverse tabnabbing URL validation. The attacker could execute phishing attacks to steal...
Sap Netweaver Application Server Java 7.10
Sap Netweaver Application Server Java 7.11
Sap Netweaver Application Server Java 7.20
Sap Netweaver Application Server Java 7.30
Sap Netweaver Application Server Java 7.31
Sap Netweaver Application Server Java 7.40
Sap Netweaver Application Server Java 7.50
6.1
CVSSv3
CVE-2018-2452
The logon application of SAP NetWeaver AS Java 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user-controlled inputs, resulting in a cross-site scripting (XSS) vulnerability.
Sap Netweaver Application Server Java 7.10
Sap Netweaver Application Server Java 7.11
Sap Netweaver Application Server Java 7.20
Sap Netweaver Application Server Java 7.30
Sap Netweaver Application Server Java 7.31
Sap Netweaver Application Server Java 7.40
Sap Netweaver Application Server Java 7.50
6.1
CVSSv3
CVE-2018-2504
SAP NetWeaver AS Java Web Container service does not validate against whitelist the HTTP host header which can result in HTTP Host Header Manipulation or Cross-Site Scripting (XSS) vulnerability. This is fixed in versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50.
Sap Netweaver Application Server Java 7.10
Sap Netweaver Application Server Java 7.11
Sap Netweaver Application Server Java 7.20
Sap Netweaver Application Server Java 7.30
Sap Netweaver Application Server Java 7.31
Sap Netweaver Application Server Java 7.40
Sap Netweaver Application Server Java 7.50
7.5
CVSSv3
CVE-2021-33670
SAP NetWeaver AS for Java (Http Service Monitoring Filter), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an malicious user to send multiple HTTP requests with different method types thereby crashing the filter and making the HTTP server unavailable to other legitim...
Sap Netweaver Application Server Java 7.20
Sap Netweaver Application Server Java 7.30
Sap Netweaver Application Server Java 7.31
Sap Netweaver Application Server Java 7.40
Sap Netweaver Application Server Java 7.50
Sap Netweaver Application Server Java 7.10
Sap Netweaver Application Server Java 7.11
5.9
CVSSv3
CVE-2021-27624
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method CiXMLIStreamRawBuff...
Sap Netweaver As Internet Graphics Server 7.20
Sap Netweaver As Internet Graphics Server 7.20ext
Sap Netweaver As Internet Graphics Server 7.20ex2
Sap Netweaver As Internet Graphics Server 7.53
Sap Netweaver As Internet Graphics Server 7.81
1 Github repository
5.9
CVSSv3
CVE-2021-27625
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method IgsData::freeMemory...
Sap Netweaver As Internet Graphics Server 7.20
Sap Netweaver As Internet Graphics Server 7.20ext
Sap Netweaver As Internet Graphics Server 7.20ex2
Sap Netweaver As Internet Graphics Server 7.53
Sap Netweaver As Internet Graphics Server 7.81
5.9
CVSSv3
CVE-2021-27623
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method CXmlUtility::CheckL...
Sap Netweaver As Internet Graphics Server 7.20
Sap Netweaver As Internet Graphics Server 7.20ext
Sap Netweaver As Internet Graphics Server 7.20ex2
Sap Netweaver As Internet Graphics Server 7.53
Sap Netweaver As Internet Graphics Server 7.81
5.9
CVSSv3
CVE-2021-27620
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method Ups::AddPart() whic...
Sap Netweaver As Internet Graphics Server 7.20
Sap Netweaver As Internet Graphics Server 7.20ext
Sap Netweaver As Internet Graphics Server 7.20ex2
Sap Netweaver As Internet Graphics Server 7.53
Sap Netweaver As Internet Graphics Server 7.81
5.9
CVSSv3
CVE-2021-27622
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method CDrawRaster::LoadIm...
Sap Netweaver As Internet Graphics Server 7.20
Sap Netweaver As Internet Graphics Server 7.20ext
Sap Netweaver As Internet Graphics Server 7.20ex2
Sap Netweaver As Internet Graphics Server 7.53
Sap Netweaver As Internet Graphics Server 7.81
5.9
CVSSv3
CVE-2021-27626
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method CMiniXMLParser::Par...
Sap Netweaver As Internet Graphics Server 7.20
Sap Netweaver As Internet Graphics Server 7.20ext
Sap Netweaver As Internet Graphics Server 7.20ex2
Sap Netweaver As Internet Graphics Server 7.53
Sap Netweaver As Internet Graphics Server 7.81
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »