Vulnerabilities for Abap platform (...) - CXSECURITY.COM

Vulnerabilities for 'Abap platform'

2021-12-14

CVE-2021-44231

CWE-94

Internally used text extraction reports allow an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application.

2020-09-09

CVE-2020-6318

CWE-94

A Remote Code Execution vulnerability exists in the SAP NetWeaver (ABAP Server, up to release 7.40) and ABAP Platform (> release 7.40).Because of this, an attacker can exploit these products via Code Injection, and potentially enabling to take complete control of the products, including viewing, changing, or deleting data by injecting code into the working memory which is subsequently executed by the application. It can also be used to cause a general fault in the product, causing the products to terminate.

2020-08-12

CVE-2020-6310

CWE-200

Improper access control in SOA Configuration Trace component in SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 702, 730, 731, 740, 750, allows any authenticated user to enumerate all SAP users, leading to Information Disclosure.

CVE-2020-6299

CWE-200

SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 740, 750, 751, 752, 753, 754, 755, allows a business user to access the list of users in the given system using value help, leading to Information Disclosure.

CVE-2020-6296

CWE-94

SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 753, 755, allows an attacker to inject code that can be executed by the application, leading to Code Injection. An attacker could thereby control the behavior of the application.

2020-07-14

CVE-2020-6280

CWE-200

SAP NetWeaver (ABAP Server) and ABAP Platform, versions 731, 740, 750, allows an attacker with admin privileges to access certain files which should otherwise be restricted, leading to Information Disclosure.

>>> Vendor: SAP 332 Products

Sap r 3 web application server demo

Internet transaction server

Mysap business suite

Sap web application server

Business connector

Internet graphics server

Sap basis component 640

Sap basis component 700

Netweaver nw04s

Internet communication manager

Sap message server

Business objects

Crystal reports server

Business one 2005-a

Businessobjects

J2ee engine core

Crystal reports

System landscape directory

Netweaver business client

Production planning and control

Healthcare industry solution

Erp cental component

Basis communication services

Erp central component

Network interface router

Netweaver logviewer

Netweaver development infrastructure

Customer relationship management

Netweaver solution manager

Netweaver exchange infrastructure (bc-xi)

Bi universal data integration

Ccms / database monitor

Guided procedures archive monitor

Mobile infrastructure

Solution manager

Enterprise portal

Software deployment manager

Enhancement package

Print and output management

Business object processing framework for abap

Netweaver software lifecycle manager

Netweaver abap application server

Profile maintenance

Background processing

Netweaver java application server

Web services tool

Computing center management system monitoring

Transaction data pool

Capacity leveling

Open hub service

Oil industry solution traders and schedulers workbench

Supplier relationship management

Hana extend application services

Netweaver business warehouse

Fi manager self-service

Businessobjects xi

Businessobjects explorer

Adaptive server enterprise

Commoncryptolib

Environment health and safety

Document management services

Customer relationship management internet sales

Payroll process

Business intelligence development workbench

Hana web-based development workbench

Contract accounting

Governance risk and compliance

See all Products for Vendor SAP

Copyright 2024, cxsecurity.com