3218177 |
BC-FES-WGU |
[CVE-2022-35294] Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server ABAP |
5.4 |
Medium |
2022-09 |
2022/09/13 |
Program error |
ABAP |
KERNEL 7.22
KERNEL 7.49
KERNEL 7.53
KERNEL 7.54
KERNEL 7.77
KERNEL 7.81
KERNEL 7.85
KERNEL 7.89
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64NUC 7.49
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.49
KRNL64UC 7.53
|
3123396 |
BC-CST-IC |
[CVE-2022-22536] Request smuggling and request concatenation in SAP NetWeaver, SAP Content Server and SAP Web Dispatcher |
10.0 |
Hot News |
2022-02 |
2022/02/08 |
Program error |
Kernel |
CONTSERV 7.53
KERNEL 7.22
KERNEL 7.49
KERNEL 7.53
KERNEL 7.77
KERNEL 7.81
KERNEL 7.85
KERNEL 7.86
KERNEL 7.87
KERNEL 8.04
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64NUC 7.49
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.49
KRNL64UC 7.53
KRNL64UC 8.04
WEBDISP 7.22_EXT
WEBDISP 7.49
WEBDISP 7.53
WEBDISP 7.77
WEBDISP 7.81
WEBDISP 7.85
WEBDISP 7.86
WEBDISP 7.87
|
3111311 |
BC-CST-WDP |
[CVE-2022-28772]Denial of service (DOS) in SAP Web Dispatcher and SAP Netweaver (Internet Communication Manager) |
7.5 |
High |
2022-04 |
2022/04/12 |
Program error |
Kernel |
KERNEL 7.53
KERNEL 7.77
KERNEL 7.81
KERNEL 7.85
KERNEL 7.86
KRNL64UC 7.53
SAP_EXTENDED_APP_SERVICES 1
WEBDISP 7.53
WEBDISP 7.77
WEBDISP 7.81
WEBDISP 7.85
WEBDISP 7.86
XS_ADVANCED_RUNTIME 1.00
|
3080567 |
BC-CST-WDP |
[CVE-2021-38162] HTTP Request Smuggling in SAP Web Dispatcher |
8.9 |
High |
2021-09 |
2021/09/14 |
Program error |
Kernel |
KERNEL 7.22
KERNEL 7.49
KERNEL 7.53
KERNEL 7.77
KERNEL 7.81
KERNEL 7.83
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64NUC 7.49
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.49
KRNL64UC 7.53
WEBDISP 7.53
WEBDISP 7.77
WEBDISP 7.81
|
3123427 |
BC-CST-IC |
[CVE-2022-22532] HTTP Request Smuggling in SAP NetWeaver Application Server Java |
8.1 |
High |
2022-02 |
2022/02/08 |
Program error |
Kernel |
KERNEL 7.22
KERNEL 7.49
KERNEL 7.53
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64NUC 7.49
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.49
KRNL64UC 7.53
|
3145046 |
BC-CST-WDP |
[CVE-2022-27656] Cross-Site Scripting (XSS) vulnerability in administration UI of SAP Webdispatcher and SAP Netweaver AS for ABAP and Java (ICM) |
8.3 |
High |
2022-05 |
2022/05/10 |
Program error |
Kernel |
KERNEL 7.22
KERNEL 7.49
KERNEL 7.53
KERNEL 7.77
KERNEL 7.81
KERNEL 7.85
KERNEL 7.86
KERNEL 7.87
KERNEL 8.04
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64NUC 7.49
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.49
KRNL64UC 7.53
KRNL64UC 8.04
WEBDISP 7.22_EXT
WEBDISP 7.49
WEBDISP 7.53
WEBDISP 7.77
WEBDISP 7.81
WEBDISP 7.85
|
3116223 |
BC-CST |
[CVE-2022-22543] Denial of service (DOS) in SAP NetWeaver Application Server for ABAP (Kernel) and ABAP Platform (Kernel) |
3.7 |
Low |
2022-02 |
2022/02/08 |
Program error |
Kernel |
KERNEL 7.22
KERNEL 7.49
KERNEL 7.53
KERNEL 7.77
KERNEL 7.81
KERNEL 7.85
KERNEL 7.86
KERNEL 7.87
KERNEL 8.04
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64NUC 7.49
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.49
KRNL64UC 7.53
KRNL64UC 8.04
|
3155571 |
BC-DB-SYB |
[CVE-2022-31594] Privilege escalation vulnerability in SAP Adaptive Server Enterprise (ASE) |
3.2 |
Low |
2022-06 |
2022/06/14 |
Program error |
SAP Adaptive Server Enterprise (ASE) |
KERNEL 7.22
KERNEL 7.49
KERNEL 7.53
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64NUC 7.49
KRNL64UC 7.22
KRNL64UC 7.22EX2
KRNL64UC 7.22EXT
KRNL64UC 7.49
KRNL64UC 7.53
|
3194674 |
BC-CST-STS |
[CVE-2022-29612] Server-Side Request Forgery in SAP NetWeaver, ABAP Platform and SAP Host Agent |
5.0 |
Medium |
2022-06 |
2022/06/14 |
Program error |
ABAP SAP Host Agent |
KERNEL 7.22
KERNEL 7.49
KERNEL 7.53
KERNEL 7.77
KERNEL 7.81
KERNEL 7.85
KERNEL 7.86
KERNEL 7.87
KERNEL 7.88
KERNEL 8.04
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64NUC 7.49
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.49
KRNL64UC 7.53
KRNL64UC 8.04
SAPHOSTAGENT 7.22
|
3158619 |
BC-CST-STS |
[CVE-2022-29614] Privilege Escalation in SAP startservice of SAP NetWeaver AS ABAP, AS Java, ABAP Platform and HANA Database |
4.9 |
Medium |
2022-06 |
2022/06/14 |
Program error |
ABAP Java HANA platform |
KERNEL 7.22
KERNEL 7.49
KERNEL 7.53
KERNEL 7.77
KERNEL 7.81
KERNEL 7.85
KERNEL 7.86
KERNEL 7.87
KERNEL 7.88
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64NUC 7.49
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.49
KRNL64UC 7.53
SAPHOSTAGENT 7.22
|
3392626 |
BC-CST-IC |
[CVE-2024-22124] Information Disclosure vulnerability in SAP NetWeaver Internet Communication Manager |
4.1 |
Medium |
2024-01 |
2024/01/09 |
Program error |
Kernel / Web Dispatcher |
KERNEL 7.22
KERNEL 7.53
KERNEL 7.54
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.53
WEBDISP 7.22_EXT
WEBDISP 7.53
WEBDISP 7.54
|
3275458 |
BC-FES-WGU |
[CVE-2023-27499] Cross-Site Scripting (XSS) vulnerability in SAP GUI for HTML |
6.1 |
Medium |
2023-04 |
2023/04/11 |
Program error |
Kernel |
KERNEL 7.22
KERNEL 7.53
KERNEL 7.54
KERNEL 7.77
KERNEL 7.81
KERNEL 7.85
KERNEL 7.89
KERNEL 7.91
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.53
|
3089413 |
BC-MID-RFC |
[CVE-2023-0014] Capture-replay vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform |
9.0 |
Hot News |
2023-01 |
2023/01/10 |
Program error |
Kernel / ABAP |
KERNEL 7.22
KERNEL 7.53
KERNEL 7.77
KERNEL 7.81
KERNEL 7.85
KERNEL 7.89
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.53
SAP_BASIS 700-702
SAP_BASIS 710-711
SAP_BASIS 730
SAP_BASIS 731
SAP_BASIS 740
SAP_BASIS 750-757
|
3389917 |
BC-CST-IC |
[CVE-2023-44487] Denial of service (DOS) in SAP Web Dispatcher, SAP NetWeaver Application server ABAP, and ABAP Platform |
7.5 |
High |
2024-01 |
2024/01/09 |
Program error |
Kernel |
KRNL64UC 7.53
WEBDISP 7.53
WEBDISP 7.77
WEBDISP 7.85
WEBDISP 7.89
WEBDISP 7.54
WEBDISP 7.93
WEBDISP 7.94
WEBDISP 7.95
KERNEL 7.53
KERNEL 7.77
KERNEL 7.85
KERNEL 7.89
KERNEL 7.54
KERNEL 7.93
KERNEL 7.94
KERNEL 7.95
|
3360827 |
BC-FES-ITS |
[CVE-2024-24740] Information Disclosure vulnerability in SAP NetWeaver Application Server ABAP (SAP Kernel) |
5.3 |
Medium |
2024-02 |
2024/02/13 |
Program error |
Kernel |
KERNEL 7.53
KERNEL 7.54
KERNEL 7.77
KERNEL 7.85
KERNEL 7.89
KERNEL 7.93
KERNEL 7.94
KRNL64UC 7.53
|
2870067 |
BC-ABA-XML |
Update 1 to Security Note 2736825 - [CVE-2019-0271] Denial of Service via XML External Entity (XXE) vulnerability in ABAP Server |
6.5 |
Medium |
2020-02 |
2020/02/11 |
Program error |
ABAP |
KRNL64NUC 7.49
KRNL64UC 7.49
KRNL64UC 7.53
KRNL64UC 7.73
KERNEL 7.49
KERNEL 7.53
KERNEL 7.73
KERNEL 7.77
KERNEL 7.78
KERNEL 7.79
|
3145702 |
BC-CST-MS |
[CVE-2022-29616] Memory Corruption vulnerability in SAP Host Agent, SAP NetWeaver and ABAP Platform |
5.3 |
Medium |
2022-05 |
2022/05/10 |
Program error |
SAP Host Agent Kernel |
KERNEL 7.22
KERNEL 7.49
KERNEL 7.53
KERNEL 7.77
KERNEL 7.81
KERNEL 7.85
KERNEL 7.86
KERNEL 7.87
KERNEL 7.88
KERNEL 8.04
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64NUC 7.49
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.49
KRNL64UC 7.53
KRNL64UC 8.04
SAPHOSTAGENT 7.22
|
3032624 |
BC-MID-RFC |
[CVE-2021-33684] Memory Corruption in SAP NetWeaver AS ABAP and ABAP Platform |
5.3 |
Medium |
2021-07 |
2021/07/13 |
Program error |
Kernel |
KERNEL 7.21-7.22
KERNEL 7.49
KERNEL 7.53
KERNEL 7.77
KERNEL 7.81
KERNEL 7.84
KERNEL 8.04
KRNL32NUC 7.21
KRNL32NUC 7.21EXT
KRNL32NUC 7.22
KRNL32NUC 7.22EXT
KRNL32UC 7.21
KRNL32UC 7.21EXT
KRNL32UC 7.22
KRNL32UC 7.22EXT
KRNL64NUC 7.21
KRNL64NUC 7.21EXT
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64NUC 7.49
KRNL64UC 7.21
KRNL64UC 7.21EXT
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.49
KRNL64UC 7.53
KRNL64UC 8.04
|
2973428 |
BC-FES-ITS |
Reverse Tabnabbing vulnerability within SAP NetWeaver Application Server ABAP (Applications based on SAP GUI for HTML) |
4.7 |
Medium |
2021-02 |
2021/02/09 |
Program error |
Kernel |
KERNEL 7.22
KERNEL 7.49
KERNEL 7.53
KERNEL 7.73
KERNEL 7.77
KERNEL 7.81
KRNL32NUC 7.22
KRNL32NUC 7.22EXT
KRNL32UC 7.22
KRNL32UC 7.22EXT
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64NUC 7.49
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.49
KRNL64UC 7.53
KRNL64UC 7.73
|
3318850 |
BC-MID-RFC |
[CVE-2023-35874] Improper authentication vulnerability in SAP NetWeaver AS ABAP and ABAP Platform |
6.0 |
Medium |
2023-07 |
2023/07/11 |
Program error |
Kernel |
KERNEL 7.22
KERNEL 7.53
KERNEL 7.54
KERNEL 7.77
KERNEL 7.81
KERNEL 7.85
KERNEL 7.89
KERNEL 7.92
KERNEL 7.93
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.53
|
3000663 |
BC-CST-WDP |
[CVE-2021-33683] HTTP Request Smuggling in SAP Web Dispatcher and Internet Communication Manager |
5.4 |
Medium |
2021-07 |
2021/07/13 |
Program error |
Kernel |
HDB 2.00
KERNEL 7.21-7.22
KERNEL 7.49
KERNEL 7.53
KERNEL 7.73
KERNEL 7.77
KERNEL 7.81
KERNEL 7.82
KERNEL 7.83
KRNL32NUC 7.21
KRNL32NUC 7.21EXT
KRNL32UC 7.21
KRNL32UC 7.21EXT
KRNL64NUC 7.21
KRNL64NUC 7.21EXT
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64NUC 7.49
KRNL64UC 7.21
KRNL64UC 7.21EXT
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.49
KRNL64UC 7.53
KRNL64UC 7.73
SAP_EXTENDED_APP_SERVICES 1
WEBDISP 7.53
WEBDISP 7.73
WEBDISP 7.77
WEBDISP 7.81
WEBDISP 7.82
WEBDISP 7.83
XS_ADVANCED_RUNTIME 1.00
|
3057378 |
BC-CST-WDP |
Missing Authentication check in SAP Web Dispatcher |
8.8 |
High |
2021-08 |
2021/08/10 |
Program error |
Kernel |
HDB 2.00
KERNEL 7.22
KERNEL 7.49
KERNEL 7.53
KERNEL 7.77
KERNEL 7.81
KERNEL 7.83
KERNEL 7.84
KERNEL 8.04
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64NUC 7.49
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.49
KRNL64UC 7.53
KRNL64UC 8.04
SAP_EXTENDED_APP_SERVICES 1
WEBDISP 7.22_EXT
WEBDISP 7.49
WEBDISP 7.53
WEBDISP 7.77
WEBDISP 7.81
XS_ADVANCED_RUNTIME 1.00
|
3051787 |
BC-IAM-SSO-CCL |
[CVE-2021-38177] Null Pointer Dereference vulnerability in SAP CommonCryptoLib |
7.5 |
High |
2021-09 |
2021/09/14 |
Program error |
ABAP Java HANA platform |
HDB 2.00
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64NUC 7.49
KRNL64NUC 7.53
KRNL64NUC 7.22EX2
KRNL64NUC 7.77
KRNL64UC 8.04
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.49
KRNL64UC 7.53
KRNL64UC 7.77
KRNL64UC 7.81
KRNL64UC 7.85
KRNL64UC 7.83
KRNL64UC 7.84
WEBDISP 7.49
WEBDISP 7.53
WEBDISP 7.77
|
3111293 |
BC-CST-WDP |
[CVE-2022-28773] Denial of service (DOS) in SAP Web Dispatcher and SAP Netweaver (Internet Communication Manager) |
4.9 |
Medium |
2022-04 |
2022/04/12 |
Program error |
Kernel |
HDB 2.00
KERNEL 7.22
KERNEL 7.49
KERNEL 7.53
KERNEL 7.77
KERNEL 7.81
KERNEL 7.85
KERNEL 7.86
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64NUC 7.49
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.49
KRNL64UC 7.53
WEBDISP 7.53
WEBDISP 7.77
WEBDISP 7.81
WEBDISP 7.85
WEBDISP 7.86
|
3233899 |
BC-CST-WDP |
[CVE-2023-33987] Request smuggling and request concatenation vulnerability in SAP Web Dispatcher |
8.6 |
High |
2023-07 |
2023/07/11 |
Program error |
Kernel |
HDB 2.00
KERNEL 7.49
KERNEL 7.53
KERNEL 7.54
KERNEL 7.77
KERNEL 7.81
KERNEL 7.85
KERNEL 7.88
KERNEL 7.89
KERNEL 7.90
KRNL64NUC 7.49
KRNL64UC 7.49
KRNL64UC 7.53
SAP_EXTENDED_APP_SERVICES 1
WEBDISP 7.49
WEBDISP 7.53
WEBDISP 7.54
WEBDISP 7.77
WEBDISP 7.81
WEBDISP 7.85
WEBDISP 7.88
WEBDISP 7.89
WEBDISP 7.90
XS_ADVANCED_RUNTIME 1.00
|
3340735 |
BC-CST-WDP |
[CVE-2023-35871] Memory Corruption vulnerability in SAP Web Dispatcher |
7.7 |
High |
2023-07 |
2023/07/11 |
Program error |
Kernel |
HDB 2.00
KERNEL 7.53
KERNEL 7.54
KERNEL 7.77
KERNEL 7.85
KERNEL 7.89
KERNEL 7.91
KERNEL 7.92
KERNEL 7.93
KRNL64UC 7.53
SAP_EXTENDED_APP_SERVICES 1
WEBDISP 7.53
WEBDISP 7.54
WEBDISP 7.77
WEBDISP 7.85
WEBDISP 7.89
WEBDISP 7.91
WEBDISP 7.92
WEBDISP 7.93
XS_ADVANCED_RUNTIME 1.00
|
3508947 |
BC-FES-WGU |
[CVE-2024-47593] Information Disclosure Vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform |
4.3 |
Medium |
2024-11 |
2024/11/12 |
Program error |
ABAP |
KERNEL 7.53
KERNEL 7.54
KERNEL 7.77
KERNEL 7.89
KERNEL 7.93
KERNEL 9.12
KRNL64UC 7.53
|
3344295 |
BC-CST-MS |
[CVE-2023-37491] Improper Authorization check vulnerability in SAP Message Server |
7.5 |
High |
2023-08 |
2023/08/08 |
Program error |
Kernel |
KERNEL 7.22
KERNEL 7.53
KERNEL 7.54
KERNEL 7.77
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.53
|
3469791 |
BC-MID-RFC |
[CVE-2024-54198] Information Disclosure vulnerability through Remote Function Call (RFC) in SAP NetWeaver Application Server ABAP |
8.5 |
High |
2024-12 |
2024/12/10 |
Program error |
ABAP |
KERNEL 7.22
KERNEL 7.53
KERNEL 7.54
KERNEL 7.77
KERNEL 7.89
KERNEL 7.93
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.53
|
3359778 |
BC-CST-DP |
[CVE-2024-30218] Denial of service (DOS) vulnerability in SAP NetWeaver AS ABAP and ABAP Platform |
6.5 |
Medium |
2024-04 |
2024/04/09 |
Program error |
Kernel |
KERNEL 7.22
KERNEL 7.53
KERNEL 7.54
KERNEL 7.77
KERNEL 7.85
KERNEL 7.89
KERNEL 7.93
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.53
|
3504390 |
BC-ABA-LA |
[CVE-2024-47586] NULL Pointer Dereference vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform |
7.5 |
High |
2024-12 |
2024/11/12 |
Program error |
ABAP |
KERNEL 7.22
KERNEL 7.53
KERNEL 7.54
KERNEL 7.77
KERNEL 7.89
KERNEL 7.93
KERNEL 8.04
KERNEL 9.12
KERNEL 9.13
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.53
KRNL64UC 8.04
|
3340576 |
BC-IAM-SSO-CCL |
[CVE-2023-40309] Missing Authorization check in SAP CommonCryptoLib |
9.8 |
Hot News |
2023-09 |
2023/09/12 |
Program error |
Kernel, HANA platform, Web Dispatcher |
CONTSERV 6.50
CONTSERV 7.53
CONTSERV 7.54
CRYPTOLIB 8
HDB 2.00
KERNEL 7.22
KERNEL 7.53
KERNEL 7.54
KERNEL 7.77
KERNEL 7.85
KERNEL 7.89
KERNEL 7.91
KERNEL 7.92
KERNEL 7.93
KERNEL 8.04
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.53
KRNL64UC 8.04
SAPHOSTAGENT 7.22
SAPSSOEXT 17
SAP_EXTENDED_APP_SERVICES 1
WEBDISP 7.22_EXT
WEBDISP 7.53
WEBDISP 7.54
WEBDISP 7.77
WEBDISP 7.85
WEBDISP 7.89
XS_ADVANCED_RUNTIME 1.00
|
3438085 |
BC-CST-IC |
[CVE-2024-33005] Missing Authorization check in SAP NetWeaver Application Server (ABAP and Java),SAP Web Dispatcher and SAP Content Server. |
6.3 |
Medium |
2024-08 |
2024/08/13 |
Program error |
Kernel / Web Dispatcher |
KERNEL 7.22
KERNEL 7.53
KERNEL 7.54
KERNEL 7.77
KERNEL 7.85
KERNEL 7.89
KERNEL 7.93
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.53
WEBDISP 7.22_EXT
WEBDISP 7.53
WEBDISP 7.54
WEBDISP 7.77
WEBDISP 7.85
WEBDISP 7.89
WEBDISP 7.93
|
3327896 |
BC-IAM-SSO-CCL |
[CVE-2023-40308] Memory Corruption vulnerability in SAP CommonCryptoLib |
7.5 |
High |
2023-09 |
2023/09/12 |
Program error |
Kernel |
CONTSERV 6.50
CONTSERV 7.53
CONTSERV 7.54
CRYPTOLIB 8
HDB 2.00
KERNEL 7.22
KERNEL 7.53
KERNEL 7.54
KERNEL 7.77
KERNEL 7.85
KERNEL 7.89
KERNEL 7.91
KERNEL 7.92
KERNEL 7.93
KERNEL 8.04
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.53
KRNL64UC 8.04
SAPHOSTAGENT 7.22
SAPSSOEXT 17
SAP_EXTENDED_APP_SERVICES 1
WEBDISP 7.22_EXT
WEBDISP 7.53
WEBDISP 7.54
WEBDISP 7.77
WEBDISP 7.85
WEBDISP 7.89
XS_ADVANCED_RUNTIME 1.00
|
3362849 |
BC-CST-IC |
[CVE-2023-41366] Information Disclosure vulnerability in SAP NetWeaver Application Server ABAP and ABAP Platform |
5.3 |
Medium |
2023-11 |
2023/11/14 |
Program error |
Kernel |
KERNEL 7.22
KERNEL 7.53
KERNEL 7.54
KERNEL 7.77
KERNEL 7.85
KERNEL 7.89
KERNEL 7.91
KERNEL 7.92
KERNEL 7.93
KERNEL 7.94
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.53
|
3537476 |
BC-MID-ICF |
[CVE-2025-0070] Improper Authentication in SAP NetWeaver ABAP Server and ABAP Platform |
9.9 |
Hot News |
2025-01 |
2025/01/14 |
Program error |
Kernel |
KERNEL 7.22
KERNEL 7.53
KERNEL 7.54
KERNEL 7.77
KERNEL 7.89
KERNEL 7.93
KERNEL 7.97
KERNEL 8.04
KERNEL 9.12
KERNEL 9.13
KERNEL 9.14
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.53
KRNL64UC 8.04
|
3503138 |
BC-FES-WGU |
[CVE-2025-0059] Information Disclosure vulnerability in SAP NetWeaver Application Server ABAP (applications based on SAP GUI for HTML) |
6.0 |
Medium |
2025-01 |
2025/01/14 |
Program error |
SAP GUI / Frontend |
KERNEL 7.53
KERNEL 7.54
KERNEL 7.77
KERNEL 7.89
KERNEL 7.93
KERNEL 9.12
KERNEL 9.14
KRNL64UC 7.53
|
3030604 |
BC-CST-IC |
[CVE-2021-33663] Plaintext Injection in SAP NetWeaver AS for ABAP |
5.8 |
Medium |
2021-06 |
2021/06/08 |
Program error |
ABAP |
KERNEL 7.22
KERNEL 7.49
KERNEL 7.53
KERNEL 7.73
KERNEL 7.77
KERNEL 7.81
KERNEL 7.82
KERNEL 7.83
KERNEL 7.84
KERNEL 8.04
KRNL32NUC 7.22
KRNL32NUC 7.22EXT
KRNL32UC 7.22
KRNL32UC 7.22EXT
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64NUC 7.49
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.49
KRNL64UC 7.53
KRNL64UC 7.73
KRNL64UC 8.04
|
3028370 |
BC-FES-WGU |
[CVE-2021-33665] Cross-Site Scripting (XSS) vulnerability within SAP NetWeaver AS ABAP (Applications based on SAP GUI for HTML) |
5.4 |
Medium |
2021-06 |
2021/06/08 |
Program error |
ABAP |
KERNEL 7.49
KERNEL 7.53
KERNEL 7.77
KERNEL 7.81
KERNEL 7.84
KRNL64NUC 7.49
KRNL64UC 7.49
KRNL64UC 7.53
|
3007182 |
BC-MID-RFC |
[CVE-2021-27610] Improper Authentication in SAP NetWeaver ABAP Server and ABAP Platform |
9.0 |
Hot News |
2021-07 |
2021/06/08 |
Program error |
ABAP |
KERNEL 7.21-7.22
KERNEL 7.49
KERNEL 7.53
KERNEL 7.73
KERNEL 7.77
KERNEL 7.81
KERNEL 7.84
KERNEL 8.04
KRNL32NUC 7.21
KRNL32NUC 7.21EXT
KRNL32NUC 7.22
KRNL32NUC 7.22EXT
KRNL32UC 7.21
KRNL32UC 7.21EXT
KRNL32UC 7.22
KRNL32UC 7.22EXT
KRNL64NUC 7.21
KRNL64NUC 7.21EXT
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64NUC 7.49
KRNL64UC 7.21
KRNL64UC 7.21EXT
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.49
KRNL64UC 7.53
KRNL64UC 7.73
KRNL64UC 8.04
SAP_BASIS 700-702
SAP_BASIS 710-711
SAP_BASIS 730
SAP_BASIS 731
SAP_BASIS 740
SAP_BASIS 750-755
SAP_BASIS 783
SAP_BASIS 804
|
2848498 |
BC-CST-IC |
[CVE-2020-6304] Denial of service (DOS) in SAP NetWeaver Internet Communication Manager |
5.9 |
Medium |
2020-01 |
2020/01/14 |
Program error |
Kernel |
KRNL32NUC 7.21
KRNL32NUC 7.21EXT
KRNL32UC 7.21
KRNL32UC 7.21EXT
KRNL64NUC 7.21
KRNL64NUC 7.21EXT
KRNL64NUC 7.22
KRNL64NUC 7.22EXT
KRNL64NUC 7.49
KRNL64UC 7.21
KRNL64UC 7.21EXT
KRNL64UC 7.22
KRNL64UC 7.22EXT
KRNL64UC 7.49
KRNL64UC 7.53
KERNEL 7.21-7.22
KERNEL 7.49
KERNEL 7.53
|