# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2021-44234 |
532 |
|
|
2022-01-14 |
2022-01-21 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
SAP Business One - version 10.0, extended log stores information that can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information. |
2 |
CVE-2021-41251 |
200 |
|
+Info |
2021-11-05 |
2021-11-15 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
@sap-cloud-sdk/core contains the core functionality of the SAP Cloud SDK as well as the SAP Business Technology Platform abstractions. This affects applications on SAP Business Technology Platform that use the SAP Cloud SDK and enabled caching of destinations. In affected versions and in some cases, when user information was missing, destinations were cached without user information, allowing other users to retrieve the same destination with its permissions. By default, destination caching is disabled. The security for caching has been increased. The changes are released in version 1.52.0. Users unable to upgrade are advised to disable destination caching (it is disabled by default). |
3 |
CVE-2021-40503 |
522 |
|
+Info |
2021-11-10 |
2021-11-29 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists in SAP GUI for Windows - versions < 7.60 PL13, 7.70 PL4, which allows an attacker with sufficient privileges on the local client-side PC to obtain an equivalent of the user’s password. With this highly sensitive data leaked, the attacker would be able to logon to the backend system the SAP GUI for Windows was connected to and launch further attacks depending on the authorizations of the user. |
4 |
CVE-2021-40498 |
|
|
DoS |
2021-10-12 |
2021-10-18 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
A vulnerability has been identified in SAP SuccessFactors Mobile Application for Android - versions older than 2108, which allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service, which can lead to denial of service. The vulnerability is related to Android implementation methods that are widely used across Android mobile applications, and such methods are embedded into the SAP SuccessFactors mobile application. These Android methods begin executing once the user accesses their profile on the mobile application. While executing, it can also pick up the activities from other Android applications that are running in the background of the users device and are using the same types of methods in the application. Such vulnerability can also lead to phishing attacks that can be used for staging other types of attacks. |
5 |
CVE-2021-33703 |
79 |
|
XSS |
2021-08-10 |
2022-02-04 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
Under certain conditions, NetWeaver Enterprise Portal, versions - 7.30, 7.31, 7.40, 7.50, does not sufficiently encode URL parameters. An attacker can craft a malicious link and send it to a victim. A successful attack results in Reflected Cross-Site Scripting (XSS) vulnerability. |
6 |
CVE-2021-33702 |
79 |
|
Exec Code XSS |
2021-08-10 |
2022-02-04 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
Under certain conditions, NetWeaver Enterprise Portal, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode report data. An attacker can craft malicious data and print it to the report. In a successful attack, a victim opens the report, and the malicious script gets executed in the victim's browser, resulting in a Stored Cross-Site Scripting (XSS) vulnerability. |
7 |
CVE-2021-33662 |
200 |
|
+Info |
2021-06-09 |
2021-06-15 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
Under certain conditions, the installation of SAP Business One, version - 10.0, discloses sensitive information on the file system allowing an attacker to access information which would otherwise be restricted. |
8 |
CVE-2021-21448 |
|
|
|
2021-01-12 |
2022-07-12 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
SAP GUI for Windows, version - 7.60, allows an attacker to spoof logon credentials for Application Server ABAP backend systems in the client PCs memory. Under certain conditions the attacker can access information which would otherwise be restricted. The exploit can only be executed locally on the client PC and not via Network and the attacker needs at least user authorization of the Operating System user of the victim. |
9 |
CVE-2020-26816 |
311 |
|
|
2020-12-09 |
2021-07-21 |
2.7 |
None |
Local Network |
Low |
??? |
Partial |
None |
None |
SAP AS JAVA (Key Storage Service), versions - 7.10, 7.11, 7.20 ,7.30, 7.31, 7.40, 7.50, has the key material which is stored in the SAP NetWeaver AS Java Key Storage service stored in the database in the DER encoded format and is not encrypted. This enables an attacker who has administrator access to the SAP NetWeaver AS Java to decode the keys because of missing encryption and get some application data and client credentials of adjacent systems. This highly impacts Confidentiality as information disclosed could contain client credentials of adjacent systems. |
10 |
CVE-2020-26807 |
276 |
|
|
2020-11-10 |
2020-11-24 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
SAP ERP Client for E-Bilanz, version - 1.0, installation sets Incorrect default filesystem permissions are set in its installation folder which allows anyone to modify the files in the folder. |
11 |
CVE-2020-6317 |
200 |
|
+Info |
2020-11-30 |
2021-07-21 |
2.7 |
None |
Local Network |
Low |
??? |
Partial |
None |
None |
In certain situations, an attacker with regular user credentials and local access to an ASE cockpit installation can access sensitive information which appears in the installation log files. This information although sensitive is of limited utility and cannot be used to further access, modify or render unavailable any other information in the cockpit or system. This affects SAP Adaptive Server Enterprise, Versions - 15.7, 16.0. |
12 |
CVE-2020-6297 |
200 |
|
+Info |
2020-08-12 |
2021-07-21 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
Under certain conditions the upgrade of SAP Data Hub 2.7 to SAP Data Intelligence, version - 3.0, allows an attacker to access confidential system configuration information, that should otherwise be restricted, leading to Information Disclosure. |
13 |
CVE-2020-6239 |
200 |
|
+Info |
2020-06-10 |
2021-07-21 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
Under certain conditions SAP Business One (Backup service), versions 9.3, 10.0, allows an attacker with admin permissions to view SYSTEM user password in clear text, leading to Information Disclosure. |
14 |
CVE-2020-6220 |
79 |
|
XSS |
2022-06-06 |
2022-06-14 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
BI Launchpad and CMC in SAP Business Objects Business Intelligence Platform, versions 4.1, 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. Exploit is possible only when the bttoken in victim’s session is active. |
15 |
CVE-2020-6197 |
613 |
|
|
2020-03-10 |
2020-03-12 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
SAP Enable Now, before version 1908, does not invalidate session tokens in a timely manner. The Insufficient Session Expiration may allow attackers with local access, for instance, to still download the portables. |
16 |
CVE-2019-0402 |
|
|
|
2019-12-11 |
2020-08-24 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
SAP Adaptive Server Enterprise, before versions 15.7 and 16.0, under certain conditions exposes some sensitive information to the admin, leading to Information Disclosure. |
17 |
CVE-2019-0381 |
552 |
|
|
2019-10-08 |
2019-10-15 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
A binary planting in SAP SQL Anywhere, before version 17.0, SAP IQ, before version 16.1, and SAP Dynamic Tier, before versions 1.0 and 2.0, can result in the inadvertent access of files located in directories outside of the paths specified by the user. |
18 |
CVE-2019-0353 |
|
|
|
2019-09-10 |
2020-08-24 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
Under certain conditions SAP Business One client (B1_ON_HANA, SAP-M-BO), before versions 9.2 and 9.3, allows an attacker to access information which would otherwise be restricted. |
19 |
CVE-2019-0307 |
311 |
|
+Priv |
2019-06-12 |
2020-08-24 |
2.7 |
None |
Local Network |
Low |
??? |
Partial |
None |
None |
Diagnostics Agent in Solution Manager, version 7.2, stores several credentials such as SLD user connection as well as Solman user communication in the SAP Secure Storage file which is not encrypted by default. By decoding these credentials, an attacker with admin privileges could gain access to the entire configuration, but no system sensitive information can be gained. |
20 |
CVE-2019-0291 |
|
|
|
2019-05-14 |
2020-08-24 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
Under certain conditions Solution Manager, version 7.2, allows an attacker to access information which would otherwise be restricted. |
21 |
CVE-2019-0256 |
|
|
|
2019-02-15 |
2020-08-24 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
Under certain conditions SAP Business One Mobile Android App, version 1.2.12, allows an attacker to access information which would otherwise be restricted. |
22 |
CVE-2018-2440 |
532 |
|
|
2018-07-10 |
2018-09-06 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
Under certain circumstances SAP Dynamic Authorization Management (DAM) by NextLabs (Java Policy Controller versions 7.7 and 8.5) exposes sensitive information in the application logs. |
23 |
CVE-2018-2425 |
|
|
|
2018-06-12 |
2020-08-24 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
Under certain conditions, SAP Business One, 9.2, 9.3, for SAP HANA backup service allows an attacker to access information which would otherwise be restricted. |
24 |
CVE-2016-7437 |
|
|
|
2016-10-13 |
2016-10-13 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
SAP Netweaver 7.40 improperly logs (1) DUI and (2) DUJ events in the SAP Security Audit Log as non-critical, which might allow local users to hide rejected attempts to execute RFC function callbacks by leveraging filtering of non-critical events in audit analysis reports, aka SAP Security Note 2252312. |
25 |
CVE-2016-6149 |
200 |
|
+Info |
2016-08-05 |
2016-11-28 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
SAP HANA SPS09 1.00.091.00.14186593 allows local users to obtain sensitive information by leveraging the EXPORT statement to export files, aka SAP Security Note 2252941. |
26 |
CVE-2016-5845 |
|
|
DoS |
2016-08-13 |
2020-06-25 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
SAP SAPCAR does not check the return value of file operations when extracting files, which allows remote attackers to cause a denial of service (program crash) via an invalid file name in an archive file, aka SAP Security Note 2312905. |
27 |
CVE-2016-3640 |
200 |
|
+Info |
2016-08-05 |
2016-08-11 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
The Extended Application Services (aka XS or XS Engine) in SAP HANA DB 1.00.091.00.1418659308 allows local users to obtain sensitive password information via vectors related to passwords in Web Dispatcher trace files, aka SAP Security Note 2148905. |
28 |
CVE-2016-3638 |
119 |
|
DoS Overflow Mem. Corr. |
2016-10-13 |
2016-10-14 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
SAP SLD Registration Program (aka SLDREG) allows local users to cause a denial of service (memory corruption and process termination) via a crafted HOST parameter, aka SAP Security Note 2125623. |
29 |
CVE-2015-7731 |
200 |
|
+Info |
2021-08-09 |
2021-08-17 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
SAP Mobile Platform 3.0 SP05 ClientHub allows attackers to obtain the keystream and other sensitive information via the DataVault, aka SAP Security Note 2094830. |
30 |
CVE-2015-3978 |
200 |
|
+Info |
2015-05-12 |
2018-12-10 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
SAP Sybase Unwired Platform Online Data Proxy allows local users to obtain usernames and passwords via the DataVault, aka SAP Security Note 2094830. |
31 |
CVE-2014-5171 |
310 |
|
+Info |
2014-07-31 |
2018-10-09 |
2.9 |
None |
Local Network |
Medium |
Not required |
Partial |
None |
None |
SAP HANA Extend Application Services (XS) does not encrypt transmissions for applications that enable form based authentication using SSL, which allows remote attackers to obtain credentials and other sensitive information by sniffing the network. |