Sap_se Sap Enable Now
6 CVEs affecting Sap_se Sap Enable Now. Latest disclosed: 2024-07-09. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-32730 | Medium | 6.5 | 2024-04-26 | SAP Enable Now Manager does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploita… |
CVE-2023-36918 | Medium | 6.1 | 2023-07-11 | In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the X-Content-Type-Options response header i… |
CVE-2023-33988 | Medium | 6.1 | 2023-07-11 | In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the Content-Security-Policy and X-XSS-Protec… |
CVE-2023-36919 | Medium | 5.3 | 2023-07-11 | In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the Referrer-Policy response header is not i… |
CVE-2024-39596 | Medium | 4.3 | 2024-07-09 | Due to missing authorization checks, SAP Enable Now allows an author to escalate privileges to access information which should otherwise be restricted. On succ… |
CVE-2024-34692 | Low | 3.3 | 2024-07-09 | Due to missing verification of file type or content, SAP Enable Now allows an authenticated attacker to upload arbitrary files. These files include executables… |