Sap_se Sap Netweaver As Java
4 CVEs affecting Sap_se Sap Netweaver As Java. Latest disclosed: 2024-12-10. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-34688 | High | 7.5 | 2024-06-11 | Due to unrestricted access to the Meta Model Repository services in SAP NetWeaver AS Java, attackers can perform DoS attacks on the application, which may prev… |
CVE-2023-42477 | Medium | 6.5 | 2023-10-10 | SAP NetWeaver AS Java (GRMG Heartbeat application) - version 7.50, allows an attacker to send a crafted request from a vulnerable web application, causing limi… |
CVE-2024-47582 | Medium | 5.3 | 2024-12-10 | Due to missing validation of XML input, an unauthenticated attacker could send malicious input to an endpoint which leads to XML Entity Expansion attack. This… |
CVE-2024-28164 | Medium | 5.3 | 2024-06-11 | SAP NetWeaver AS Java (CAF - Guided Procedures) allows an unauthenticated user to access non-sensitive information about the server which would otherwise be re… |