Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
SAP SE SAP Business Client

Version < 7.0

OTHER 3 CVEs

Known Vulnerabilities

CVE-2021-38150

When an attacker manages to get access to the local memory, or the memory dump of a victim, for example by a social engineering attack, SAP Business Client versions - 7.0, 7.70, will allow him to read extremely sensitive data, such as credentials. This would allow the attacker to compromise the corresponding backend for which the credentials are valid.

MEDIUM CVSS 6.1 Published Sep 14, 2021

CVE-2020-6244

SAP Business Client, version 7.0, allows an attacker after a successful social engineering attack to inject malicious code as a DLL file in untrusted directories that can be executed by the application, due to uncontrolled search path element. An attacker could thereby control the behavior of the application.

HIGH CVSS 7.0 Published May 12, 2020

CVE-2020-6228

SAP Business Client, versions 6.5, 7.0, does not perform necessary integrity checks which could be exploited by an attacker under certain conditions to modify the installer.

MEDIUM CVSS 5.3 Published Apr 14, 2020