CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

SAP : Security Vulnerabilities (CVSS score between 4 and 4.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-42062 862 2021-11-10 2021-11-15
4.0
None Remote Low ??? Partial None None
SAP ERP HCM Portugal does not perform necessary authorization checks for a report that reads the payroll data of employees in a certain area. Since the affected report only reads the payroll information, the attacker can neither modify any information nor cause availability impacts.
2 CVE-2021-40504 863 2021-11-10 2021-11-13
4.0
None Remote Low ??? None Partial None
A certain template role in SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, contains transport authorizations, which exceed expected display only permissions.
3 CVE-2021-40496 668 Exec Code 2021-10-12 2021-11-24
4.0
None Remote Low ??? Partial None None
SAP Internet Communication framework (ICM) - versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 785, allows an attacker with logon functionality, to exploit the authentication function by using POST and form field to repeat executions of the initial command by a GET request and exposing sensitive data. This vulnerability is normally exposed over the network and successful exploitation can lead to exposure of data like system details.
4 CVE-2021-38183 79 Exec Code XSS 2021-10-12 2021-10-19
4.3
None Remote Medium Not required None Partial None
SAP NetWeaver - versions 700, 701, 702, 730, does not sufficiently encode user-controlled inputs, allowing an attacker to cause a potential victim to supply a malicious content to a vulnerable web application, which is then reflected to the victim and executed by the web browser, resulting in Cross-Site Scripting vulnerability.
5 CVE-2021-38179 522 2021-10-12 2021-10-19
4.0
None Remote Low ??? Partial None None
Debug function of Admin UI of SAP Business One Integration is enabled by default. This allows Admin User to see the captured packet contents which may include User credentials.
6 CVE-2021-38174 20 2021-09-14 2021-09-24
4.3
None Remote Medium Not required None None Partial
When a user opens manipulated files received from untrusted sources in SAP 3D Visual Enterprise Viewer version - 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
7 CVE-2021-38150 522 2021-09-14 2021-09-23
4.3
None Remote Medium Not required Partial None None
When an attacker manages to get access to the local memory, or the memory dump of a victim, for example by a social engineering attack, SAP Business Client versions - 7.0, 7.70, will allow him to read extremely sensitive data, such as credentials. This would allow the attacker to compromise the corresponding backend for which the credentials are valid.
8 CVE-2021-37532 22 +Priv Dir. Trav. 2021-09-14 2021-09-23
4.0
None Remote Low ??? Partial None None
SAP Business One version - 10, due to improper input validation, allows an authenticated User to gain access to directory and view the contents of index in the directory, which would otherwise be restricted to high privileged User.
9 CVE-2021-33706 20 2021-08-10 2021-08-17
4.0
None Remote Low ??? None Partial None
Due to improper input validation in InfraBox, logs can be modified by an authenticated user.
10 CVE-2021-33700 287 +Info 2021-09-15 2021-09-28
4.6
None Local Low Not required Partial Partial Partial
SAP Business One, version - 10.0, allows a local attacker with access to the victim's browser under certain circumstances, to login as the victim without knowing his/her password. The attacker could so obtain highly sensitive information which the attacker could use to take substantial control of the vulnerable application.
11 CVE-2021-33691 79 Exec Code XSS 2021-09-15 2021-09-28
4.3
None Remote Medium Not required None Partial None
NWDI Notification Service versions - 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.SAP NetWeaver Development Infrastructure Notification Service allows a threat actor to send crafted scripts to a victim. If the victim has an active session when the crafted script gets executed, the threat actor could compromise information in victims session, and gain access to some sensitive information also.
12 CVE-2021-33689 2021-07-14 2021-07-16
4.0
None Remote Low ??? None Partial None
When user with insufficient privileges tries to access any application in SAP NetWeaver Administrator (Administrator applications), version - 7.50, no security audit log is created. Therefore, security audit log Integrity is impacted.
13 CVE-2021-33688 89 Sql +Info 2021-09-14 2021-09-23
4.0
None Remote Low ??? Partial None None
SAP Business One allows an attacker with business privileges to execute crafted database queries, exposing the back-end database. Due to framework restrictions, only some information can be obtained.
14 CVE-2021-33687 XSS 2021-07-14 2021-11-04
4.0
None Remote Low ??? Partial None None
SAP NetWeaver AS JAVA (Enterprise Portal), versions - 7.10, 7.20, 7.30, 7.31, 7.40, 7.50 reveals sensitive information in one of their HTTP requests, an attacker can use this in conjunction with other attacks such as XSS to steal this information.
15 CVE-2021-33685 22 Dir. Trav. 2021-09-14 2021-09-24
4.0
None Remote Low ??? Partial None None
SAP Business One version - 10.0 allows low-level authorized attacker to traverse the file system to access files or directories that are outside of the restricted directory. A successful attack allows access to high level sensitive data
16 CVE-2021-33683 444 Bypass 2021-07-14 2021-07-27
4.0
None Remote Low ??? None Partial None
SAP Web Dispatcher and Internet Communication Manager (ICM), versions - KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.53, 7.73, WEBDISP 7.53, 7.73, 7.77, 7.81, 7.82, 7.83, KERNEL 7.21, 7.22, 7.49, 7.53, 7.73, 7.77, 7.81, 7.82, 7.83, process invalid HTTP header. The incorrect handling of the invalid Transfer-Encoding header in a particular manner leads to a possibility of HTTP Request Smuggling attack. An attacker could exploit this vulnerability to bypass web application firewall protection, divert sensitive data such as customer requests, session credentials, etc.
17 CVE-2021-33681 787 2021-07-14 2021-07-16
4.3
None Remote Medium Not required None None Partial
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated CGM file received from untrusted sources which causes out of bounds write and causes the application to crash and becoming temporarily unavailable until the user restarts the application.
18 CVE-2021-33680 120 Overflow 2021-07-14 2021-07-16
4.3
None Remote Medium Not required None None Partial
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated CGM file received from untrusted sources which causes buffer overflow and causes the application to crash and becoming temporarily unavailable until the user restarts the application.
19 CVE-2021-33675 79 Exec Code XSS 2021-09-14 2021-09-24
4.3
None Remote Medium Not required None Partial None
Under certain conditions, SAP Contact Center - version 700, does not sufficiently encode user-controlled inputs. This allows an attacker to exploit a Reflected Cross-Site Scripting (XSS) vulnerability through phishing and to execute arbitrary code on the victim's browser.
20 CVE-2021-33674 79 Exec Code XSS 2021-09-14 2021-09-24
4.3
None Remote Medium Not required None Partial None
Under certain conditions, SAP Contact Center - version 700, does not sufficiently encode user-controlled inputs. This allows an attacker to exploit a Reflected Cross-Site Scripting (XSS) vulnerability when creating a new email and to execute arbitrary code on the victim's browser.
21 CVE-2021-33673 79 Exec Code XSS 2021-09-14 2021-09-24
4.3
None Remote Medium Not required None Partial None
Under certain conditions, SAP Contact Center - version 700,does not sufficiently encode user-controlled inputs and persists in them. This allows an attacker to exploit a Stored Cross-Site Scripting (XSS) vulnerability when a user browses through the employee directory and to execute arbitrary code on the victim's browser. Due to the usage of ActiveX in the application, the attacker can further execute operating system level commands.
22 CVE-2021-33667 2021-07-14 2021-07-16
4.0
None Remote Low ??? Partial None None
Under certain conditions, SAP Business Objects Web Intelligence (BI Launchpad) versions - 420, 430, allows an attacker to access jsp source code, through SDK calls, of Analytical Reporting bundle, a part of the frontend application, which would otherwise be restricted.
23 CVE-2021-33666 79 XSS 2021-06-09 2021-06-21
4.3
None Remote Medium Not required None Partial None
When SAP Commerce Cloud version 100, hosts a JavaScript storefront, it is vulnerable to MIME sniffing, which, in certain circumstances, could be used to facilitate an XSS attack or malware proliferation.
24 CVE-2021-33661 20 2021-06-09 2021-06-11
4.3
None Remote Medium Not required None None Partial
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PCX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.
25 CVE-2021-33660 20 2021-06-09 2021-06-11
4.3
None Remote Medium Not required None None Partial
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated FLI file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.
26 CVE-2021-33659 20 2021-06-09 2021-06-11
4.3
None Remote Medium Not required None None Partial
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated GIF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.
27 CVE-2021-27643 20 2021-06-09 2021-06-11
4.3
None Remote Medium Not required None None Partial
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated IFF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.
28 CVE-2021-27642 20 2021-06-09 2021-06-11
4.3
None Remote Medium Not required None None Partial
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PCX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.
29 CVE-2021-27641 20 2021-06-09 2021-06-11
4.3
None Remote Medium Not required None None Partial
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated TIF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.
30 CVE-2021-27640 20 2021-06-09 2021-06-11
4.3
None Remote Medium Not required None None Partial
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PSD file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.
31 CVE-2021-27639 20 2021-06-09 2021-06-11
4.3
None Remote Medium Not required None None Partial
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated JT file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.
32 CVE-2021-27638 20 2021-06-09 2021-06-11
4.3
None Remote Medium Not required None None Partial
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated JT file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.
33 CVE-2021-27634 20 2021-06-09 2021-11-04
4.3
None Remote Medium Not required None None Partial
SAP NetWeaver AS for ABAP (RFC Gateway), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73,7.77,7.81,7.82,7.83, allows an unauthenticated attacker without specific knowledge of the system to send a specially crafted packet over a network which will trigger an internal error in the system due to improper input validation in method ThCpicDtCreate () causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified.
34 CVE-2021-27627 20 Mem. Corr. 2021-06-09 2021-11-04
4.3
None Remote Medium Not required None None Partial
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method ChartInterpreter::DoIt() which will trigger an internal memory corruption error in the system causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified.
35 CVE-2021-27626 20 Mem. Corr. 2021-06-09 2021-11-04
4.3
None Remote Medium Not required None None Partial
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method CMiniXMLParser::Parse() which will trigger an internal memory corruption error in the system causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified.
36 CVE-2021-27625 20 Mem. Corr. 2021-06-09 2021-11-04
4.3
None Remote Medium Not required None None Partial
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method IgsData::freeMemory() which will trigger an internal memory corruption error in the system causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified.
37 CVE-2021-27624 20 Mem. Corr. 2021-06-09 2021-11-04
4.3
None Remote Medium Not required None None Partial
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method CiXMLIStreamRawBuffer::readRaw () which will trigger an internal memory corruption error in the system causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified.
38 CVE-2021-27623 20 Mem. Corr. 2021-06-09 2021-06-14
4.3
None Remote Medium Not required None None Partial
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method CXmlUtility::CheckLength() which will trigger an internal memory corruption error in the system causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified.
39 CVE-2021-27622 20 Mem. Corr. 2021-06-09 2021-11-04
4.3
None Remote Medium Not required None None Partial
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method CDrawRaster::LoadImageFromMemory() which will trigger an internal memory corruption error in the system causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified.
40 CVE-2021-27621 668 2021-06-09 2021-06-16
4.0
None Remote Low ??? Partial None None
Information Disclosure vulnerability in UserAdmin application in SAP NetWeaver Application Server for Java, versions - 7.11,7.20,7.30,7.31,7.40 and 7.50 allows attackers to access restricted information by entering malicious server name.
41 CVE-2021-27620 20 Mem. Corr. 2021-06-09 2021-11-04
4.3
None Remote Medium Not required None None Partial
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method Ups::AddPart() which will trigger an internal memory corruption error in the system causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified.
42 CVE-2021-27619 20 2021-05-11 2021-05-19
4.0
None Remote Low ??? Partial None None
SAP Commerce (Backoffice Search), versions - 1808, 1811, 1905, 2005, 2011, allows a low privileged user to search for attributes which are not supposed to be displayed to them. Although the search results are masked, the user can iteratively enter one character at a time to search and determine the masked attribute value thereby leading to information disclosure.
43 CVE-2021-27618 434 DoS 2021-05-11 2021-08-27
4.0
None Remote Low ??? None None Partial
The Integration Builder Framework of SAP Process Integration versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not check the file type extension of the file uploaded from local source. An attacker could craft a malicious file and upload it to the application, which could lead to denial of service and impact the availability of the application.
44 CVE-2021-27617 400 2021-05-11 2021-08-27
4.0
None Remote Low ??? None None Partial
The Integration Builder Framework of SAP Process Integration versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently validate an XML document uploaded from local source. An attacker can craft a malicious XML which when uploaded and parsed by the application, could lead to Denial-of-service conditions due to consumption of a large amount of system memory, thus highly impacting system availability.
45 CVE-2021-27613 863 2021-05-11 2021-05-19
4.6
None Local Low Not required Partial Partial Partial
Under certain conditions, SAP Business One Chef cookbook, version - 9.2, 9.3, 10.0, used to install SAP Business One, allows an attacker to exploit an insecure temporary folder for incoming & outgoing payroll data and to access information which would otherwise be restricted, which could lead to Information Disclosure and highly impact system confidentiality, integrity and availability.
46 CVE-2021-27611 74 DoS Exec Code 2021-05-11 2021-05-19
4.6
None Local Low Not required Partial Partial Partial
SAP NetWeaver AS ABAP, versions - 700, 701, 702, 730, 731, allow a high privileged attacker to inject malicious code by executing an ABAP report when the attacker has access to the local SAP system. The attacker could then get access to data, overwrite them, or execute a denial of service.
47 CVE-2021-27609 862 2021-04-13 2021-04-20
4.0
None Remote Low ??? None Partial None
SAP Focused RUN versions 200, 300, does not perform necessary authorization checks for an authenticated user, which allows a user to call the oData service and manipulate the activation for the SAP EarlyWatch Alert service data collection and sending to SAP without the intended authorization.
48 CVE-2021-27608 428 2021-04-14 2021-04-20
4.4
None Local Medium Not required Partial Partial Partial
An unquoted service path in SAPSetup, version - 9.0, could lead to privilege escalation during the installation process that is performed when an executable file is registered. This could further lead to complete compromise of confidentiality, Integrity and Availability.
49 CVE-2021-27605 862 2021-04-13 2021-04-19
4.0
None Remote Low ??? Partial None None
SAP's HCM Travel Management Fiori Apps V2, version - 608, does not perform proper authorization check, allowing an authenticated but unauthorized attacker to read personnel numbers of employees, resulting in escalation of privileges. However, the attacker can only read some information like last name, first name of the employees, so there is some loss of confidential information, Integrity and Availability are not impacted.
50 CVE-2021-27604 611 2021-04-14 2021-08-27
4.0
None Remote Low ??? Partial None None
In order to prevent XML External Entity vulnerability in SAP NetWeaver ABAP Server and ABAP Platform (Process Integration - Enterprise Service Repository JAVA Mappings), versions - 7.10, 7.20, 7.30, 7.31, 7.40, 7.50, SAP recommends to refer this note.
Total number of vulnerabilities : 314   Page : 1 (This Page)2 3 4 5 6 7
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.