Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap netweaver application server java 7.50 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-27635
SAP NetWeaver AS for JAVA, versions - 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker authenticated as an administrator to connect over a network and submit a specially crafted XML file in the application because of missing XML Validation, this vulnerability enables malicious us...
Sap Netweaver Application Server For Java 7.20
Sap Netweaver Application Server For Java 7.30
Sap Netweaver Application Server For Java 7.31
Sap Netweaver Application Server For Java 7.40
Sap Netweaver Application Server For Java 7.50
4.9
CVSSv3
CVE-2021-27621
Information Disclosure vulnerability in UserAdmin application in SAP NetWeaver Application Server for Java, versions - 7.11,7.20,7.30,7.31,7.40 and 7.50 allows malicious users to access restricted information by entering malicious server name.
Sap Netweaver Application Server For Java 7.20
Sap Netweaver Application Server For Java 7.30
Sap Netweaver Application Server For Java 7.31
Sap Netweaver Application Server For Java 7.40
Sap Netweaver Application Server For Java 7.11
Sap Netweaver Application Server For Java 7.50
5.3
CVSSv3
CVE-2023-24526
SAP NetWeaver Application Server Java for Classload Service - version 7.50, does not perform any authentication checks for functionalities that require user identity, resulting in escalation of privileges. This failure has a low impact on confidentiality of the data such that an ...
Sap Netweaver Application Server Java 7.50
5.3
CVSSv3
CVE-2022-26103
Under certain conditions, SAP NetWeaver (Real Time Messaging Framework) - version 7.50, allows an malicious user to access information which could lead to information gathering for further exploits and attacks.
Sap Netweaver Application Server Java 7.50
8.8
CVSSv3
CVE-2017-8913
The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via a crafted XML document in a request to irj/servlet/prt/portal/prtroot/com.sap.visualcomposer.BIKit.default, aka SAP Security N...
Sap Netweaver Application Server Java 7.50
5.3
CVSSv3
CVE-2023-42480
The unauthenticated attacker in NetWeaver AS Java Logon application - version 7.50, can brute force the login functionality to identify the legitimate user ids. This will have an impact on confidentiality but there is no other impact on integrity or availability.
Sap Netweaver Application Server Java 7.50
6.5
CVSSv3
CVE-2016-10304
The SAP EP-RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to cause a denial of service (out-of-memory error and service instability) via a crafted serialized Java object, as demonstrated by serial.cc3, aka SAP Security Note 2315788.
Sap Netweaver Application Server Java 7.50
6.5
CVSSv3
CVE-2016-9563
BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via the sap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn URI, aka SAP Security Note 2296909.
Sap Netweaver Application Server Java 7.50
1 Article
6.5
CVSSv3
CVE-2023-42477
SAP NetWeaver AS Java (GRMG Heartbeat application) - version 7.50, allows an malicious user to send a crafted request from a vulnerable web application, causing limited impact on confidentiality and integrity of the application.
Sap Netweaver Application Server Java 7.50
7.5
CVSSv3
CVE-2017-12637
Directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS in SAP NetWeaver Application Server Java 7.5 allows remote malicious users to read arbitrary files via a .. (dot dot) in the query string, as exploited in the wild in August 2017, aka SAP Sec...
Sap Netweaver Application Server Java 7.50
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »