sap
1,568 tracked vulnerabilities.
CVE-2020-6201
MEDIUM
SAP Commerce (Testweb Extension) -6.6-7 - XSS
Mar 10, 2020
CVSS 6.1
EPSS 0.00
CVE-2020-6200
MEDIUM
SAP Commerce Cloud 6.6, 6.7, 1808, 1811 - Cross-Site Scripting via AngularJS Template Injection
Mar 10, 2020
CVSS 5.4
EPSS 0.00
CVE-2020-6199
MEDIUM
SAP ERP <618 - SAP FIN <730, S4HANA <105 - Missing Authorization Check
Mar 10, 2020
CVSS 5.4
EPSS 0.00
CVE-2020-6198
CRITICAL
SAP Solution Manager <720 - Unauthenticated RCE
Mar 10, 2020
CVSS 9.8
EPSS 0.00
CVE-2020-6197
LOW
SAP Enable Now <1908 - Info Disclosure
Mar 10, 2020
CVSS 3.3
EPSS 0.00
CVE-2020-6196
HIGH
SAP BusinessObjects Mobile <4.2 - DoS
Mar 10, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-6178
MEDIUM
SAP Enable Now <1911 - Info Disclosure
Mar 10, 2020
CVSS 5.4
EPSS 0.00
CVE-2020-6193
MEDIUM
SAP NetWeaver Knowledge Management 7.30, 7.31, 7.40, 7.50 - Unauthenticated Reflected Cross-Site Scripting
Feb 12, 2020
CVSS 6.1
EPSS 0.00
CVE-2020-6192
HIGH
SAP Landscape Management <3.0 - Command Injection
Feb 12, 2020
CVSS 7.2
EPSS 0.00
CVE-2020-6191
HIGH
SAP Landscape Management <3.0 - Privilege Escalation
Feb 12, 2020
CVSS 7.2
EPSS 0.00
CVE-2020-6190
MEDIUM
SAP NetWeaver AS Java - Info Disclosure
Feb 12, 2020
CVSS 5.8
EPSS 0.00
CVE-2020-6189
MEDIUM
SAP BusinessObjects <4.2 - Info Disclosure
Feb 12, 2020
CVSS 5.3
EPSS 0.00
CVE-2020-6188
HIGH
SAP ERP/S/4 HANA - Missing Authorization Check
Feb 12, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-6187
MEDIUM
SAP NetWeaver Guided Procedures 7.10-7.50 - XML External Entity Injection
Feb 12, 2020
CVSS 4.9
EPSS 0.00
CVE-2020-6186
HIGH
SAP Host Agent 7.21 - Denial of Service via Authentication Request Processing
Feb 12, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-6185
MEDIUM
SAP NetWeaver <7.40 & SAP S/4HANA <7.54 - XSS
Feb 12, 2020
CVSS 5.4
EPSS 0.00
CVE-2020-6184
MEDIUM
SAP NetWeaver <7.40 & SAP S/4HANA <7.54 - XSS
Feb 12, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-6183
MEDIUM
SAP Host Agent 7.21 - Info Disclosure
Feb 12, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-6181
MEDIUM
SAP NetWeaver <753 - HTTP Response Splitting
Feb 12, 2020
CVSS 5.8
EPSS 0.00
CVE-2020-6177
MEDIUM
SAP Mobile Platform 3.0 - Denial of Service via XML Input Validation
Feb 12, 2020
CVSS 4.3
EPSS 0.00
CVE-2020-6307
MEDIUM
SAP Basis - Incorrect Authorization in Automated Note Search Tool
Jan 14, 2020
CVSS 4.3
EPSS 0.00
CVE-2020-6306
LOW
SAP Leasing <6.18 - Privilege Escalation
Jan 14, 2020
CVSS 2.7
EPSS 0.00
CVE-2020-6305
MEDIUM
SAP Process Integration <7.50 - XSS
Jan 14, 2020
CVSS 6.1
EPSS 0.00
CVE-2020-6304
HIGH
SAP NetWeaver Internet Communication Manager <7.53 - DoS
Jan 14, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-6303
MEDIUM
SAP Disclosure Management < 10.1 - Cross-Site Scripting
Jan 14, 2020
CVSS 5.4
EPSS 0.00
Products
3d_visual_enterprise_viewer 131
netweaver 102
netweaver_application_server_abap 78
businessobjects_business_intelligence_platform 73
netweaver_application_server_java 68
businessobjects_business_intelligence 45
hana 38
solution_manager 33
business_one 31
internet_graphics_server 28
3d_visual_enterprise_author 27
businessobjects 23
netweaver_abap 21
netweaver_process_integration 21
netweaver_enterprise_portal 20
business_objects_business_intelligence_platform 18
commerce_cloud 18
hana_extended_application_services 18
sap_basis 18
s\/4hana 17
disclosure_management 16
host_agent 15
adaptive_server_enterprise 14
enable_now 14
s4core 13
abap_platform 12
customer_relationship_management_webclient_ui 12
netweaver_as_abap 12
sap_db 12
sap_kernel 11
Quick Filters