SAP NetWeaver ABAP 702

CPE Details

SAP NetWeaver ABAP 702
sap
netweaver_abap
702
2021-06-23
13h24 +00:00
2022-10-06
13h20 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:sap:netweaver_abap:702:*:*:*:*:*:*:*

Informations

Vendor

sap

Product

netweaver_abap

Version

702

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2022-22545 2022-02-09 21h05 +00:00 A high privileged user who has access to transaction SM59 can read connection details stored with the destination for http calls in SAP NetWeaver Application Server ABAP and ABAP Platform - versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756.
4.9
Moyen
CVE-2021-42067 2022-01-14 18h11 +00:00 In SAP NetWeaver AS for ABAP and ABAP Platform - versions 701, 702, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 786, an attacker authenticated as a regular user can use the S/4 Hana dashboard to reveal systems and services which they would not normally be allowed to see. No information alteration or denial of service is possible.
4.3
Moyen
CVE-2021-40496 2021-10-12 12h03 +00:00 SAP Internet Communication framework (ICM) - versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 785, allows an attacker with logon functionality, to exploit the authentication function by using POST and form field to repeat executions of the initial command by a GET request and exposing sensitive data. This vulnerability is normally exposed over the network and successful exploitation can lead to exposure of data like system details.
4.3
Moyen
CVE-2021-38178 2021-10-12 12h03 +00:00 The software logistics system of SAP NetWeaver AS ABAP and ABAP Platform versions - 700, 701, 702, 710, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, enables a malicious user to transfer ABAP code artifacts or content, by-passing the established quality gates. By this vulnerability malicious code can reach quality and production, and can compromise the confidentiality, integrity, and availability of the system and its data.
8.8
Haute
CVE-2021-38181 2021-10-12 12h03 +00:00 SAP NetWeaver AS ABAP and ABAP Platform - versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.
7.5
Haute
CVE-2021-33677 2021-07-14 09h03 +00:00 SAP NetWeaver ABAP Server and ABAP Platform, versions - 700, 702, 730, 731, 804, 740, 750, 784, expose functions to external which can lead to information disclosure.
7.5
Haute
CVE-2021-27610 2021-06-16 12h45 +00:00 SAP NetWeaver ABAP Server and ABAP Platform, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 804, does not create information about internal and external RFC user in consistent and distinguished format, which could lead to improper authentication and may be exploited by malicious users to obtain illegitimate access to the system.
9.8
Critique