sap
1,577 tracked vulnerabilities.
CVE-2020-6284
CRITICAL
SAP NetWeaver Knowledge Management 7.30, 7.31, 7.40, 7.50 - Stored Cross-Site Scripting
Aug 12, 2020
CVSS 9.0
EPSS 0.02
CVE-2020-6273
MEDIUM
SAP S/4 HANA Fiori UI for General Ledger Accounting 103, 104 - Missing Authorization Check in Attachment Service
Aug 12, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-6292
HIGH
SAP Disclosure Mgmt <10.1 - Info Disclosure
Jul 14, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-6291
HIGH
SAP Disclosure Mgmt <10.1 - Insufficient Session Expiration
Jul 14, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-6290
MEDIUM
SAP Disclosure Mgmt <10.1 - Session Fixation
Jul 14, 2020
CVSS 6.3
EPSS 0.01
CVE-2020-6289
HIGH
SAP Disclosure Management 10.1 - Cross-Site Request Forgery
Jul 14, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-6287
CRITICAL
KEVNUCLEI
SAP NetWeaver AS JAVA - Missing Authentication Check
Jul 14, 2020
CVSS 10.0
EPSS 0.95
CVE-2020-6286
MEDIUM
SAP NetWeaver AS JAVA <7.50 - Path Traversal
Jul 14, 2020
CVSS 5.3
EPSS 0.28
CVE-2020-6285
MEDIUM
SAP NetWeaver - XML Toolkit for JAVA (ENGINEAPI) <7.50 - Info Discl...
Jul 14, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-6282
MEDIUM
SAP NetWeaver AS JAVA 7.10-7.50 - Server-Side Request Forgery via IIOP Service
Jul 14, 2020
CVSS 5.8
EPSS 0.01
CVE-2020-6281
MEDIUM
SAP Business Objects BI Launchpad <4.2 - XSS
Jul 14, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-6280
LOW
SAP NetWeaver <750 - Info Disclosure
Jul 14, 2020
CVSS 2.7
EPSS 0.01
CVE-2020-6278
MEDIUM
SAP BusinessObjects Business Intelligence Platform 4.1-4.2 - Stored Cross-Site Scripting via Image Upload
Jul 14, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-6276
MEDIUM
SAP BusinessObjects Business Intelligence Platform 4.2 - Cross-Site Scripting
Jul 14, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-6267
MEDIUM
SAP Disclosure Mgmt <10.1 - Info Disclosure
Jul 14, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-6261
MEDIUM
SAP Solution Manager <7.20 - Info Disclosure
Jul 01, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-6275
CRITICAL
SAP NetWeaver AS ABAP 700-754 - Server-Side Request Forgery via Session Import/Export
Jun 10, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-6271
HIGH
SAP Solution Manager <7.2 - Memory Corruption
Jun 10, 2020
CVSS 8.2
EPSS 0.01
CVE-2020-6270
MEDIUM
SAP NetWeaver AS ABAP - Privilege Escalation
Jun 10, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-6269
MEDIUM
SAP Business Objects Business Intelligence Platform <4.2 - Info Dis...
Jun 10, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-6268
HIGH
SAP ERP - Missing Authorization Check
Jun 10, 2020
CVSS 8.1
EPSS 0.01
CVE-2020-6266
MEDIUM
SAP Fiori for SAP S/4HANA - Open Redirect
Jun 10, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-6264
HIGH
SAP Commerce <6.7-1905 - Info Disclosure
Jun 10, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-6263
CRITICAL
SAP NetWeaver AS Java - Auth Bypass
Jun 10, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-6260
MEDIUM
SAP Solution Manager <7.20 - Info Disclosure
Jun 10, 2020
CVSS 5.3
EPSS 0.01
Products
3d_visual_enterprise_viewer 131
netweaver 102
netweaver_application_server_abap 86
businessobjects_business_intelligence_platform 73
netweaver_application_server_java 69
businessobjects_business_intelligence 45
hana 38
solution_manager 33
business_one 31
internet_graphics_server 28
3d_visual_enterprise_author 27
businessobjects 23
netweaver_abap 21
netweaver_process_integration 21
netweaver_enterprise_portal 20
business_objects_business_intelligence_platform 18
commerce_cloud 18
hana_extended_application_services 18
sap_basis 18
s\/4hana 17
disclosure_management 16
host_agent 15
adaptive_server_enterprise 14
enable_now 14
s4core 13
abap_platform 12
customer_relationship_management_webclient_ui 12
netweaver_as_abap 12
sap_db 12
sap_kernel 11
Quick Filters