Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
Podatności dla
'Process integration'
2021-05-11
CVE-2021-27617
CWE-400
The Integration Builder Framework of SAP Process Integration versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently validate an XML document uploaded from local source. An attacker can craft a malicious XML which when uploaded and parsed by the application, could lead to Denial-of-service conditions due to consumption of a large amount of system memory, thus highly impacting system availability.
CVE-2021-27618
CWE-434
The Integration Builder Framework of SAP Process Integration versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not check the file type extension of the file uploaded from local source. An attacker could craft a malicious file and upload it to the application, which could lead to denial of service and impact the availability of the application.
2021-04-14
CVE-2021-27604
CWE-611
In order to prevent XML External Entity vulnerability in SAP NetWeaver ABAP Server and ABAP Platform (Process Integration - Enterprise Service Repository JAVA Mappings), versions - 7.10, 7.20, 7.30, 7.31, 7.40, 7.50, SAP recommends to refer this note.
CVE-2021-27599
CWE-200
SAP NetWeaver ABAP Server and ABAP Platform (Process Integration - Integration Builder Framework), versions - 7.10, 7.30, 7.31, 7.40, 7.50, allows an attacker to access information under certain conditions, which would otherwise be restricted.
2020-01-14
CVE-2020-6305
CWE-79
PI Rest Adapter of SAP Process Integration (update provided in SAP_XIAF 7.31, 7.40, 7.50) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
2019-10-08
CVE-2019-0379
CWE-345
SAP Process Integration, business-to-business add-on, versions 1.0, 2.0, does not perform authentication check properly when the default security provider is changed to BouncyCastle (BC), leading to Missing Authentication Check
>>>
Vendor:
SAP
332
Produkty
Router
Application server
Sap r 3 web application server demo
Saposcol
E-commerce
Crystal reports
Sap db
Sap r 3
Sapgui
Adaptive server enterprise
Internet transaction server
Mysap business suite
Maxdb
Sap web application server
Business connector
Sapdba
Download manager
Infrastructure
Internet graphics server
Inventory manager
Saplpd
Sapsprint
Rfc library
Sap basis component 640
Sap basis component 700
Netweaver nw04
Netweaver nw04s
Enjoysap
Internet communication manager
Sap message server
Business objects
Sql anywhere
Netweaver
Web dynpro
Sap gui
Tabone
Commerce
Gateway
Crystal reports server
Sap kernel
Business one 2005-a
Businessobjects
J2ee engine core
Server core
System landscape directory
Netweaver business client
Netweaver abap
GUI
Production planning and control
Healthcare industry solution
Erp cental component
Basis communication services
Erp central component
Network interface router
Netweaver logviewer
Netweaver development infrastructure
Customer relationship management
Emr unwired
Netweaver solution manager
Netweaver exchange infrastructure (bc-xi)
Bi universal data integration
Ccms / database monitor
J2ee engine
Guided procedures archive monitor
Mobile infrastructure
Adminadapter
Cm services
Cms services
Ccms agent
Solution manager
Enterprise portal
Software deployment manager
Enhancement package
HANA
Print and output management
Business object processing framework for abap
Netweaver software lifecycle manager
Netweaver abap application server
Profile maintenance
Background processing
Netweaver java application server
Project system
Brazil
Web services tool
Computing center management system monitoring
Transaction data pool
Capacity leveling
Open hub service
Oil industry solution traders and schedulers workbench
Upgrade tools
Supplier relationship management
Hana extend application services
Netweaver business warehouse
Fi manager self-service
Businessobjects xi
Businessobjects explorer
Commoncryptolib
Sapcrytolib
Sapseculib
Environment health and safety
Zobacz wszystkie produkty dla producenta
SAP
Copyright
2024
, cxsecurity.com
Back to Top
Podatności dla 'Process integration' 
Polish
English