Sap Netweaver_abap
21 CVEs affecting Sap Netweaver_abap. Latest disclosed: 2024-08-13. Critical: 1, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-27610 | Critical | 9.8 | 2021-06-16 | SAP NetWeaver ABAP Server and ABAP Platform, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 804, does not create information about internal… |
CVE-2021-38178 | High | 8.8 | 2021-10-12 | The software logistics system of SAP NetWeaver AS ABAP and ABAP Platform versions - 700, 701, 702, 710, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, enabl… |
CVE-2022-22543 | High | 7.5 | 2022-02-09 | SAP NetWeaver Application Server for ABAP (Kernel) and ABAP Platform (Kernel) - versions KERNEL 7.22, 8.04, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, KRNL64UC… |
CVE-2021-38181 | High | 7.5 | 2021-10-12 | SAP NetWeaver AS ABAP and ABAP Platform - versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, allows an attacker to prevent legitimate us… |
CVE-2021-33677 | High | 7.5 | 2021-07-14 | SAP NetWeaver ABAP Server and ABAP Platform, versions - 700, 702, 730, 731, 804, 740, 750, 784, expose functions to external which can lead to information disc… |
CVE-2021-27633 | High | 7.5 | 2021-06-09 | SAP NetWeaver AS for ABAP (RFC Gateway), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNE… |
CVE-2021-27597 | High | 7.5 | 2021-06-09 | SAP NetWeaver AS for ABAP (RFC Gateway), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNE… |
CVE-2024-33005 | Medium | 6.3 | 2024-08-13 | Due to the missing authorization checks in the local systems, the admin users of SAP Web Dispatcher, SAP NetWeaver Application Server (ABAP and Java), and SAP… |
CVE-2021-27634 | Medium | 5.9 | 2021-06-09 | SAP NetWeaver AS for ABAP (RFC Gateway), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNE… |
CVE-2021-40495 | Medium | 5.3 | 2021-10-12 | There are multiple Denial-of Service vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 75… |
CVE-2021-33684 | Medium | 5.3 | 2021-07-14 | SAP NetWeaver AS ABAP and ABAP Platform, versions - KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.2… |
CVE-2022-29614 | Medium | 5.0 | 2022-06-14 | SAP startservice - of SAP NetWeaver Application Server ABAP, Application Server Java, ABAP Platform and HANA Database - versions KERNEL 7.22, 7.49, 7.53, 7.77… |
CVE-2022-22545 | Medium | 4.9 | 2022-02-09 | A high privileged user who has access to transaction SM59 can read connection details stored with the destination for http calls in SAP NetWeaver Application S… |
CVE-2022-28215 | Medium | 4.7 | 2022-04-12 | SAP NetWeaver ABAP Server and ABAP Platform - versions 740, 750, 787, allows an unauthenticated attacker to redirect users to a malicious site due to insuffici… |
CVE-2022-29612 | Medium | 4.3 | 2022-06-14 | SAP NetWeaver, ABAP Platform and SAP Host Agent - versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, 8.04, KRNL64NUC 7.22, 7.22EXT, 7.49, KR… |
CVE-2021-42067 | Medium | 4.3 | 2022-01-14 | In SAP NetWeaver AS for ABAP and ABAP Platform - versions 701, 702, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 786, an attacker authenticated as a… |
CVE-2021-40496 | Medium | 4.3 | 2021-10-12 | SAP Internet Communication framework (ICM) - versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 785, allows an attacker with logon funct… |
CVE-2017-9843 | Low | 2.7 | 2017-07-12 | SAP NetWeaver AS ABAP 7.40 allows remote authenticated users with certain privileges to cause a denial of service (process crash) via vectors involving disp+wo… |
CVE-2015-1309 | | 2015-01-22 | XML external entity vulnerability in the Extended Computer Aided Test Tool (eCATT) in SAP NetWeaver AS ABAP 7.31 and earlier allows remote attackers to access… | |
CVE-2014-8312 | | 2014-10-16 | Business Warehouse (BW) in SAP Netweaver AS ABAP 7.31 allows remote authenticated users to obtain sensitive information via a request to the RSDU_CCMS_GET_PROF… |