sap
1,577 tracked vulnerabilities.
CVE-2023-24529
MEDIUM
BSP application - CRM_BSP_FRAME <75G - XSS
Feb 14, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-24528
MEDIUM
SAP Fiori apps for Travel Management <600 - Info Disclosure
Feb 14, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-24525
MEDIUM
SAP CRM WebClient UI - WEBCUIF748-801/S4FND102-103 - XSS
Feb 14, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-24524
MEDIUM
SAP S/4 HANA - Privilege Escalation
Feb 14, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-24523
HIGH
SAP Host Agent <7.22 - Privilege Escalation
Feb 14, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-24522
MEDIUM
SAP NetWeaver AS ABAP - Info Disclosure
Feb 14, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-24521
MEDIUM
SAP NetWeaver AS ABAP (BSP Framework) - Code Injection
Feb 14, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-23860
MEDIUM
SAP NetWeaver AS for ABAP and ABAP Platform - Open Redirect
Feb 14, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-23859
MEDIUM
SAP NetWeaver AS for ABAP and ABAP Platform - Open Redirect
Feb 14, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-23858
MEDIUM
SAP NetWeaver AS for ABAP and ABAP Platform - Open Redirect
Feb 14, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-23856
MEDIUM
SAP BusinessObjects Business Intelligence Platform 430 - Cross-Site Scripting via Web Intelligence DHTML JSP Response
Feb 14, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-23855
MEDIUM
SAP Solution Manager 720 - Open Redirect
Feb 14, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-23854
LOW
SAP NetWeaver Application Server for ABAP and ABAP Platform - Privi...
Feb 14, 2023
CVSS 3.8
EPSS 0.00
CVE-2023-23853
MEDIUM
AP NetWeaver Application Server for ABAP and ABAP Platform - CSRF
Feb 14, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-23852
MEDIUM
SAP Solution Manager 720 - Cross-Site Scripting in System Monitoring
Feb 14, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-23851
MEDIUM
SAP Business Planning and Consolidation - File Upload
Feb 14, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-0025
MEDIUM
SAP Solution Manager (BSP Application) -720 - CSRF
Feb 14, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-0024
MEDIUM
SAP Solution Manager (BSP Application) - 720 - XSS
Feb 14, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-0020
HIGH
SAP BusinessObjects Business Intelligence <430 - Info Disclosure
Feb 14, 2023
CVSS 8.5
EPSS 0.01
CVE-2023-0019
MEDIUM
SAP GRC - Confidential Data Exposure
Feb 14, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-0023
MEDIUM
SAP Bank Account Management - Exposure of Sensitive Information via Smart Link URL
Jan 10, 2023
CVSS 4.5
EPSS 0.01
CVE-2023-0022
CRITICAL
SAP BusinessObjects < - Code Injection
Jan 10, 2023
CVSS 9.9
EPSS 0.01
CVE-2023-0018
CRITICAL
SAP BusinessObjects <430 - Stored XSS
Jan 10, 2023
CVSS 10.0
EPSS 0.01
CVE-2023-0017
CRITICAL
SAP NetWeaver AS for Java <7.50 - Privilege Escalation
Jan 10, 2023
CVSS 9.4
EPSS 0.16
CVE-2023-0016
CRITICAL
SAP BPC MS 10.0-810 - SQL Injection
Jan 10, 2023
CVSS 9.9
EPSS 0.01
Products
3d_visual_enterprise_viewer 131
netweaver 102
netweaver_application_server_abap 86
businessobjects_business_intelligence_platform 73
netweaver_application_server_java 69
businessobjects_business_intelligence 45
hana 38
solution_manager 33
business_one 31
internet_graphics_server 28
3d_visual_enterprise_author 27
businessobjects 23
netweaver_abap 21
netweaver_process_integration 21
netweaver_enterprise_portal 20
business_objects_business_intelligence_platform 18
commerce_cloud 18
hana_extended_application_services 18
sap_basis 18
s\/4hana 17
disclosure_management 16
host_agent 15
adaptive_server_enterprise 14
enable_now 14
s4core 13
abap_platform 12
customer_relationship_management_webclient_ui 12
netweaver_as_abap 12
sap_db 12
sap_kernel 11
Quick Filters