Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netweaver abap vulnerabilities and exploits
(subscribe to this query)
8.7
CVSSv3
CVE-2022-41214
Due to insufficient input validation, SAP NetWeaver Application Server ABAP and ABAP Platform allows an attacker with high level privileges to use a remote enabled function to delete a file which is otherwise restricted. On successful exploitation an attacker can completely compr...
Sap Netweaver Application Server Abap 750
Sap Netweaver Application Server Abap 700
Sap Netweaver Application Server Abap 731
Sap Netweaver Application Server Abap 804
Sap Netweaver Application Server Abap 740
Sap Netweaver Application Server Abap 789
4.3
CVSSv3
CVE-2020-6371
User enumeration vulnerability can be exploited to get a list of user accounts and personal user information can be exposed in SAP NetWeaver Application Server ABAP (POWL test application) versions - 710, 711, 730, 731, 740, 750, leading to Information Disclosure.
Sap Netweaver Application Server Abap 750
Sap Netweaver Application Server Abap 710
Sap Netweaver Application Server Abap 730
Sap Netweaver Application Server Abap 731
Sap Netweaver Application Server Abap 711
Sap Netweaver Application Server Abap 740
4.7
CVSSv3
CVE-2022-41215
SAP NetWeaver ABAP Server and ABAP Platform allows an unauthenticated malicious user to redirect users to a malicious site due to insufficient URL validation. This could lead to the user being tricked to disclose personal information.
Sap Netweaver Application Server Abap 750
Sap Netweaver Application Server Abap 700
Sap Netweaver Application Server Abap 731
Sap Netweaver Application Server Abap 740
Sap Netweaver Application Server Abap 789
6.7
CVSSv3
CVE-2021-27611
SAP NetWeaver AS ABAP, versions - 700, 701, 702, 730, 731, allow a high privileged malicious user to inject malicious code by executing an ABAP report when the attacker has access to the local SAP system. The attacker could then get access to data, overwrite them, or execute a de...
Sap Netweaver Application Server Abap 702
Sap Netweaver Application Server Abap 700
Sap Netweaver Application Server Abap 730
Sap Netweaver Application Server Abap 731
Sap Netweaver Application Server Abap 701
6.1
CVSSv3
CVE-2022-39799
An attacker with no prior authentication could craft and send malicious script to SAP GUI for HTML within Fiori Launchpad, resulting in reflected cross-site scripting attack. This could lead to stealing session information and impersonating the affected user.
Sap Netweaver Application Server Abap Kernel 7.77
Sap Netweaver Application Server Abap 7.81
Sap Netweaver Application Server Abap 7.85
Sap Netweaver Application Server Abap 7.89
Sap Netweaver Application Server Abap 7.54
6.1
CVSSv3
CVE-2023-24522
Due to insufficient input sanitization, SAP NetWeaver AS ABAP (Business Server Pages) - versions 700, 701, 702, 731, 740, allows an unauthenticated user to alter the current session of the user by injecting the malicious code over the network and gain access to the unintended dat...
Sap Netweaver Application Server Abap 702
Sap Netweaver Application Server Abap 700
Sap Netweaver Application Server Abap 731
Sap Netweaver Application Server Abap 740
Sap Netweaver Application Server Abap 701
6.1
CVSSv3
CVE-2022-27656
The Web administration UI of SAP Web Dispatcher and the Internet Communication Manager (ICM) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Netweaver As Abap Krnl64uc 8.04
Sap Netweaver As Abap Krnl64uc 7.22ext
Sap Netweaver As Abap Krnl64uc 7.49
Sap Netweaver As Abap Krnl64uc 7.53
Sap Netweaver As Abap Krnl64uc 7.22
Sap Netweaver As Abap Kernel 7.22
Sap Netweaver As Abap Kernel 8.04
Sap Netweaver As Abap Kernel 7.49
Sap Netweaver As Abap Kernel 7.53
Sap Netweaver As Abap Kernel 7.77
Sap Netweaver As Abap Kernel 7.81
Sap Netweaver As Abap Kernel 7.85
Sap Netweaver As Abap Kernel 7.86
Sap Netweaver As Abap Kernel 7.87
Sap Webdispatcher 7.49
Sap Webdispatcher 7.53
Sap Webdispatcher 7.77
Sap Webdispatcher 7.81
Sap Webdispatcher 7.83
Sap Webdispatcher 7.85
Sap Webdispatcher 7.22ext
4.3
CVSSv3
CVE-2020-6299
SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 740, 750, 751, 752, 753, 754, 755, allows a business user to access the list of users in the given system using value help, leading to Information Disclosure.
Sap Abap Platform 751
Sap Abap Platform 753
Sap Abap Platform 755
Sap Abap Platform 740
Sap Abap Platform 750
Sap Abap Platform 754
Sap Netweaver Application Server Abap 750
Sap Netweaver Application Server Abap 753
Sap Netweaver Application Server Abap 754
Sap Netweaver Application Server Abap 740
Sap Netweaver Application Server Abap 751
Sap Netweaver Application Server Abap 755
5.4
CVSSv3
CVE-2022-29610
SAP NetWeaver Application Server ABAP allows an authenticated malicious user to upload malicious files and delete (theme) data, which could result in Stored Cross-Site Scripting (XSS) attack.
Sap Netweaver Application Server Abap 753
Sap Netweaver Application Server Abap 754
Sap Netweaver Application Server Abap 755
Sap Netweaver Application Server Abap 756
9.4
CVSSv3
CVE-2023-49581
SAP GUI for Windows and SAP GUI for Java allow an unauthenticated malicious user to access information which would otherwise be restricted and confidential. In addition, this vulnerability allows the unauthenticated malicious user to write data to a database table. By doing so th...
Sap Netweaver Application Server Abap 700
Sap Netweaver Application Server Abap 731
Sap Netweaver Application Server Abap 740
Sap Netweaver Application Server Abap 750
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »