|
|
SAP : Security Vulnerabilities
| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2018-11415 |
79 |
|
XSS |
2018-05-24 |
2018-06-26 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
SAP Internet Transaction Server (ITS) 6200.X.X has Reflected Cross Site Scripting (XSS) via certain wgate URIs. NOTE: the vendor has reportedly indicated that there will not be any further releases of this product. |
|
2 |
CVE-2018-2479 |
79 |
|
XSS |
2018-11-13 |
2018-11-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
SAP BusinessObjects Business Intelligence Platform (BIWorkspace), versions 4.1 and 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. |
|
3 |
CVE-2018-2475 |
284 |
|
|
2018-10-09 |
2018-11-08 |
6.0 |
None |
Remote |
Medium |
Single system |
Partial |
Partial |
Partial |
|
Following the Gardener architecture, the Kubernetes apiserver of a Gardener managed shoot cluster resides in the corresponding seed cluster. Due to missing network isolation a shoot's apiserver can access services/endpoints in the private network of its corresponding seed cluster. Combined with other minor Kubernetes security issues, the missing network isolation theoretically can lead to compromise other shoot or seed clusters in the "Gardener" context. The issue is rated high due to the high impact of a potential exploitation in "Gardener" context. This was fixed in Gardener release 0.12.4. |
|
4 |
CVE-2018-2472 |
79 |
|
XSS |
2018-10-09 |
2018-11-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
SAP BusinessObjects Business Intelligence Platform 4.10 and 4.20 (Web Intelligence DHTML client) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. |
|
5 |
CVE-2018-2471 |
200 |
|
+Info |
2018-10-09 |
2018-11-23 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Under certain conditions SAP BusinessObjects Business Intelligence Platform 4.10 and 4.20 allows an attacker to access information which would otherwise be restricted. |
|
6 |
CVE-2018-2470 |
79 |
|
XSS |
2018-10-09 |
2018-11-26 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
In SAP NetWeaver Application Server for ABAP, from 7.0 to 7.02, 7.30, 7.31, 7.40 and from 7.50 to 7.53, applications do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. |
|
7 |
CVE-2018-2469 |
200 |
|
+Info |
2018-10-09 |
2018-11-23 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Under certain conditions SAP Adaptive Server Enterprise (ASE), versions 15.7 and 16.0, allows an attacker to access information which would otherwise be restricted. |
|
8 |
CVE-2018-2468 |
200 |
|
+Info |
2018-10-09 |
2018-11-23 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Under certain conditions the backup server in SAP Adaptive Server Enterprise (ASE), versions 15.7 and 16.0, allows an attacker to access information which would otherwise be restricted. |
|
9 |
CVE-2018-2466 |
79 |
|
XSS |
2018-10-09 |
2018-11-23 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
In Impact and Lineage Analysis in SAP Data Services, version 4.2, the management console does not sufficiently validate user-controlled inputs, which results in Cross-Site Scripting (XSS) vulnerability. |
|
10 |
CVE-2018-2465 |
20 |
|
|
2018-09-11 |
2018-11-20 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
SAP HANA (versions 1.0 and 2.0) Extended Application Services classic model OData parser does not sufficiently validate XML. By exploiting, an unauthorized hacker can cause the database server to crash. |
|
11 |
CVE-2018-2464 |
79 |
|
XSS |
2018-09-11 |
2018-11-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
SAP WebDynpro Java, versions 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in a stored Cross-Site Scripting (XSS) vulnerability. |
|
12 |
CVE-2018-2463 |
918 |
|
|
2018-09-11 |
2018-11-29 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The Omni Commerce Connect API (OCC) of SAP Hybris Commerce, versions 6.*, is vulnerable to server-side request forgery (SSRF) attacks. This is due to a misconfiguration of XML parser that is used in the server-side implementation of OCC. |
|
13 |
CVE-2018-2462 |
20 |
|
|
2018-09-11 |
2018-11-26 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
In certain cases, BEx Web Java Runtime Export Web Service in SAP NetWeaver BI 7.30, 7.31. 7.40, 7.41, 7.50, does not sufficiently validate an XML document accepted from an untrusted source. |
|
14 |
CVE-2018-2461 |
285 |
|
|
2018-09-11 |
2018-11-16 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
Missing authorization check in SAP HCM Fiori "People Profile" (GBX01 HR version 6.0) for an authenticated user which may result in an escalation of privileges. |
|
15 |
CVE-2018-2460 |
295 |
|
|
2018-09-11 |
2018-11-16 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
SAP Business One Android application, version 1.2, does not verify the certificate properly for HTTPS connection. This allows attacker to do MITM attack. |
|
16 |
CVE-2018-2459 |
254 |
|
|
2018-09-11 |
2018-11-20 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Users of an SAP Mobile Platform (version 3.0) Offline OData application, which uses Offline OData-supplied delta tokens (which is on by default), occasionally receive some data values of a different user. |
|
17 |
CVE-2018-2458 |
200 |
|
+Info |
2018-09-11 |
2018-11-16 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Under certain conditions, Crystal Report using SAP Business One, versions 9.2 and 9.3, connection type allows an attacker to access information which would otherwise be restricted. |
|
18 |
CVE-2018-2457 |
200 |
|
+Info |
2018-09-11 |
2018-11-16 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
Under certain conditions SAP Adaptive Server Enterprise, version 16.0, allows some privileged users to access information which would otherwise be restricted. |
|
19 |
CVE-2018-2455 |
285 |
|
|
2018-09-11 |
2018-11-16 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
SAP Enterprise Financial Services, versions 6.05, 6.06, 6.16, 6.17, 6.18, 8.0 (in business function EAFS_BCA_BUSOPR_SEPA) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. |
|
20 |
CVE-2018-2454 |
285 |
|
|
2018-09-11 |
2018-11-16 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
SAP Enterprise Financial Services, versions 6.05, 6.06, 6.16, 6.17, 6.18, 8.0 (in business function EAFS_BCA_BUSOPR_2) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. |
|
21 |
CVE-2018-2452 |
79 |
|
XSS |
2018-09-11 |
2018-11-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The logon application of SAP NetWeaver AS Java 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user-controlled inputs, resulting in a cross-site scripting (XSS) vulnerability. |
|
22 |
CVE-2018-2451 |
284 |
|
|
2018-08-14 |
2018-10-18 |
6.0 |
None |
Remote |
Medium |
Single system |
Partial |
Partial |
Partial |
|
XS Command-Line Interface (CLI) user sessions with the SAP HANA Extended Application Services (XS), version 1, advanced server may have an unintentional prolonged period of validity. Consequently, a platform user could access controller resources via active CLI session even after corresponding authorizations have been revoked meanwhile by an administrator user. Similarly, an attacker who managed to gain access to the platform user's session might misuse the session token even after the session has been closed. |
|
23 |
CVE-2018-2450 |
89 |
|
Sql |
2018-08-14 |
2018-10-11 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
SAP MaxDB (liveCache), versions 7.8 and 7.9, allows an attacker who gets DBM operator privileges to execute crafted database queries and therefore read, modify or delete sensitive data from database. |
|
24 |
CVE-2018-2449 |
287 |
|
|
2018-08-14 |
2018-10-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SAP SRM MDM Catalog versions 3.73, 7.31, 7.32 in (SAP NetWeaver 7.3) - import functionality does not perform authentication checks for valid repository user. This is an unauthenticated functionality that you can use on windows machines to do SMB relaying. |
|
25 |
CVE-2018-2448 |
200 |
|
+Info |
2018-08-14 |
2018-10-11 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Under certain conditions SAP SRM-MDM (CATALOG versions 3.0, 7.01, 7.02) utilities functionality allows an attacker to access information of user existence which would otherwise be restricted. |
|
26 |
CVE-2018-2447 |
89 |
|
Sql |
2018-08-14 |
2018-10-11 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
SAP BusinessObjects Business Intelligence (Launchpad Web Intelligence), version 4.2, allows an attacker to execute crafted InfoObject queries, exposing the CMS InfoObjects database. |
|
27 |
CVE-2018-2446 |
200 |
|
+Info |
2018-08-14 |
2018-10-11 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Admin tools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allow an unauthenticated user to read sensitive information (server name), hence leading to an information disclosure. |
|
28 |
CVE-2018-2445 |
918 |
|
|
2018-08-14 |
2018-10-15 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
None |
|
AdminTools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allows an attacker to manipulate the vulnerable application to send crafted requests on behalf of the application, resulting in a Server-Side Request Forgery (SSRF) vulnerability. |
|
29 |
CVE-2018-2444 |
79 |
|
XSS |
2018-08-14 |
2018-10-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
SAP BusinessObjects Financial Consolidation, versions 10.0, 10.1, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. |
|
30 |
CVE-2018-2442 |
352 |
|
|
2018-08-14 |
2018-10-11 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In SAP BusinessObjects Business Intelligence, versions 4.0, 4.1 and 4.2, while viewing a Web Intelligence report from BI Launchpad, the user session details captured by an HTTP analysis tool could be reused in a HTML page while the user session is still valid. |
|
31 |
CVE-2018-2441 |
20 |
|
|
2018-08-14 |
2018-10-11 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
None |
|
Under certain conditions the SAP Change and Transport System (ABAP), SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.21, 7.22, 7.45, 7.49, 7.53 and 7.73, allows an attacker to transport information which would otherwise be restricted. |
|
32 |
CVE-2018-2440 |
532 |
|
|
2018-07-10 |
2018-09-06 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Under certain circumstances SAP Dynamic Authorization Management (DAM) by NextLabs (Java Policy Controller versions 7.7 and 8.5) exposes sensitive information in the application logs. |
|
33 |
CVE-2018-2439 |
20 |
|
|
2018-07-10 |
2018-09-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, has insufficient request validation (for example, where the request is validated for authenticity and validity) and under certain conditions, will process invalid requests. Several areas of the SAP Internet Graphics Server (IGS) did not require sufficient input validation. Namely, the SAP Internet Graphics Server (IGS) HTTP and RFC listener, SAP Internet Graphics Server (IGS) portwatcher when registering a portwatcher to the multiplexer and the SAP Internet Graphics Server (IGS) multiplexer had insufficient input validation and thus allowing a malformed data packet to cause a crash. |
|
34 |
CVE-2018-2438 |
399 |
|
|
2018-07-10 |
2018-09-08 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, has several denial-of-service vulnerabilities that allow an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. |
|
35 |
CVE-2018-2437 |
77 |
|
Exec Code |
2018-07-10 |
2018-09-08 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
The SAP Internet Graphics Service (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to externally trigger IGS command executions which can lead to: disclosure of information and malicious file insertion or modification. |
|
36 |
CVE-2018-2436 |
285 |
|
|
2018-07-10 |
2018-09-07 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
Executing transaction WRCK in SAP R/3 Enterprise Retail (EHP6) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. |
|
37 |
CVE-2018-2435 |
79 |
|
XSS |
2018-07-10 |
2018-09-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
SAP NetWeaver Enterprise Portal from 7.0 to 7.02, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. |
|
38 |
CVE-2018-2434 |
20 |
|
|
2018-07-10 |
2018-09-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A content spoofing vulnerability in the following components allows to render html pages containing arbitrary plain text content, which might fool an end user: UI add-on for SAP NetWeaver (UI_Infra, 1.0), SAP UI Implementation for Decoupled Innovations (UI_700, 2.0): SAP NetWeaver 7.00 Implementation, SAP User Interface Technology (SAP_UI 7.4, 7.5, 7.51, 7.52). There is little impact as it is not possible to embed active contents such as JavaScript or hyperlinks. |
|
39 |
CVE-2018-2433 |
284 |
|
|
2018-07-10 |
2018-09-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
SAP Gateway (SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.21, 7.22, 7.45, 7.49 and 7.53) allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. |
|
40 |
CVE-2018-2432 |
113 |
|
XSS |
2018-07-10 |
2018-09-06 |
4.9 |
None |
Remote |
Medium |
Single system |
Partial |
Partial |
None |
|
SAP BusinessObjects Business Intelligence (BI Launchpad and Central Management Console) versions 4.10, 4.20 and 4.30 allow an attacker to include invalidated data in the HTTP response header sent to a Web user. Successful exploitation of this vulnerability may lead to advanced attacks, including: cross-site scripting and page hijacking. |
|
41 |
CVE-2018-2431 |
79 |
|
XSS |
2018-07-10 |
2018-09-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. |
|
42 |
CVE-2018-2428 |
200 |
|
+Info |
2018-06-12 |
2018-08-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Under certain conditions SAP UI5 Handler allows an attacker to access information which would otherwise be restricted. Software components affected are: SAP Infrastructure 1.0, SAP UI 7.4, 7.5, 7.51, 7.52 and version 2.0 of SAP UI for SAP NetWeaver 7.00. |
|
43 |
CVE-2018-2427 |
94 |
|
Exec Code |
2018-07-10 |
2018-09-06 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, and SAP Crystal Reports (version for Visual Studio .NET, Version 2010) allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application. |
|
44 |
CVE-2018-2425 |
200 |
|
+Info |
2018-06-12 |
2018-08-03 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Under certain conditions, SAP Business One, 9.2, 9.3, for SAP HANA backup service allows an attacker to access information which would otherwise be restricted. |
|
45 |
CVE-2018-2424 |
20 |
|
|
2018-06-12 |
2018-08-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00 |
|
46 |
CVE-2018-2423 |
399 |
|
|
2018-05-09 |
2018-06-13 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, HTTP and RFC listener allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. |
|
47 |
CVE-2018-2422 |
399 |
|
|
2018-05-09 |
2018-06-13 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
SAP Internet Graphics Server (IGS) Portwatcher, 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. |
|
48 |
CVE-2018-2421 |
399 |
|
|
2018-05-09 |
2018-06-13 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
SAP Internet Graphics Server (IGS) Portwatcher, 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. |
|
49 |
CVE-2018-2420 |
434 |
|
|
2018-05-09 |
2018-06-13 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to upload any file (including script files) without proper file format validation. |
|
50 |
CVE-2018-2419 |
264 |
|
|
2018-05-09 |
2018-06-14 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
None |
|
SAP Enterprise Financial Services (SAPSCORE 1.11, 1.12; S4CORE 1.01, 1.02; EA-FINSERV 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. |
Total number of vulnerabilities : 478
Page :
1
(This Page) 2
3
4
5
6
7
8
9
10
|
|
