SAP_SE

283 tracked vulnerabilities.

CVE-2025-23188 MEDIUM
SAP S/4HANA (RBD) - Authenticated Missing Authorization Check in IBS Module
Mar 11, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-23185 MEDIUM
SAP Business Objects - Info Disclosure
Mar 11, 2025
CVSS 4.1
EPSS 0.00
CVE-2025-0071 MEDIUM
SAP Web Dispatcher & Internet Communication Manager - Info Disclosure
Mar 11, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-0062 MEDIUM
SAP BusinessObjects Business Intelligence Platform - Stored Cross-Site Scripting in Web Intelligence Reports
Mar 11, 2025
CVSS 4.7
EPSS 0.00
CVE-2025-25243 HIGH
SAP SRM MDM Catalog 7.52 - Unauthenticated Path Traversal via Public Servlet
Feb 11, 2025
CVSS 8.6
EPSS 0.00
CVE-2025-25241 MEDIUM
SAP Fiori Apps Reference Library (My Overtime Requests) >=GBX01HR5 605 - Missing Authorization
Feb 11, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-24876 HIGH
SAP Approuter Node.js <v16.7.1 - Auth Bypass
Feb 11, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-24875 MEDIUM
SAP Commerce HY_COM 2205 and COM_CLOUD 2211 - Cross-Site Request Forgery via SameSite=None Cookie Configuration
Feb 11, 2025
CVSS 6.8
EPSS 0.00
CVE-2025-24874 MEDIUM
SAP Commerce (Backoffice) - Info Disclosure
Feb 11, 2025
CVSS 6.8
EPSS 0.00
CVE-2025-24872 MEDIUM
SAP ABAP Platform - Privilege Escalation
Feb 11, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-24870 MEDIUM
SAP GUI for Windows & RFC - Privilege Escalation
Feb 11, 2025
CVSS 6.0
EPSS 0.00
CVE-2025-24869 MEDIUM
SAP NetWeaver Application Server Java - Info Disclosure
Feb 11, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-24868 HIGH
SAP HANA XS Advanced (User Auth) - Unauthenticated Open Redirect via URL Validation
Feb 11, 2025
CVSS 7.1
EPSS 0.00
CVE-2025-24867 MEDIUM
SAP BusinessObjects Platform (BI Launchpad) - Unauthenticated Cross-Site Scripting via Unprotected URL Parameter
Feb 11, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-23191 LOW
SAP Fiori for SAP ERP - HTTP Header Injection via Host Header
Feb 11, 2025
CVSS 3.1
EPSS 0.00
CVE-2025-23190 MEDIUM
SAP NetWeaver and ABAP Platform ST-PI - Missing Authorization Check
Feb 11, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-23189 MEDIUM
SAP NetWeaver and ABAP Platform (SDCCN) - Authenticated Missing Authorization in SDCCN Transaction
Feb 11, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-23187 MEDIUM
SAP NetWeaver/ABAP Platform < ST-PI 2008_1_700/710/740 - Unauthenticated Missing Authorization in SDCCN
Feb 11, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-0054 MEDIUM
SAP NetWeaver Application Server Java - XSS
Feb 11, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-0070 CRITICAL
SAP NetWeaver Application Server for ABAP and ABAP Platform - Privi...
Jan 14, 2025
CVSS 9.9
EPSS 0.00
CVE-2025-0069 HIGH
SAPSetup - Uncontrolled Search Path Element
Jan 14, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-0068 MEDIUM
SAP NetWeaver Application Server ABAP - Info Disclosure
Jan 14, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-0067 MEDIUM
SAP NetWeaver Application Server Java - Info Disclosure
Jan 14, 2025
CVSS 6.3
EPSS 0.00
CVE-2025-0059 MEDIUM
SAP NetWeaver Application Server ABAP - Exposure of Sensitive System Information via Local Browser Storage
Jan 14, 2025
CVSS 6.0
EPSS 0.00
CVE-2025-0057 MEDIUM
SAP NetWeaver AS JAVA (User Admin Application) - Stored Cross-Site Scripting via Malicious Photo Upload
Jan 14, 2025
CVSS 4.8
EPSS 0.00
Products
SAP NetWeaver Application Server for ABAP and ABAP Platform 10 SAP NetWeaver Application Server ABAP 9 SAP Fiori App (Intercompany Balance Reconciliation) 6 SAP GUI for Windows 6 SAP NetWeaver Application Server Java 6 SAP NetWeaver Application Server for ABAP 6 SAP BusinessObjects Business Intelligence Platform 5 SAP Financial Consolidation 4 SAP NetWeaver Application Server ABAP and ABAP Platform 4 SAP NetWeaver Enterprise Portal 4 SAPCAR 4 SAP Business One (SLD) 3 SAP Commerce Cloud 3 SAP HCM (My Timesheet Fiori 2.0 application) 3 SAP MDM Server 3 SAP NetWeaver AS for JAVA (Adobe Document Services) 3 SAP NetWeaver Application Server ABAP (applications based on SAP GUI for HTML) 3 SAP NetWeaver and ABAP Platform (SDCCN) 3 SAP Solution Manager 3 SAP Business Connector 2 SAP Business Warehouse and SAP Plug-In Basis 2 SAP Commerce 2 SAP Enable Now 2 SAP Landscape Transformation 2 SAP Landscape Transformation (Analysis Platform) 2 SAP NetWeaver 2 SAP NetWeaver ABAP Platform 2 SAP NetWeaver Application Server ABAP (BIC Document) 2 SAP S/4 HANA (Cash Management) 2 SAP S/4 HANA (Manage Bank Statement Reprocessing Rules) 2
Quick Filters
Critical CVEs With Exploits In CISA KEV