SAP NetWeaver Application Server ABAP

731

SINGLE_NUMBER 1 CVE

710

SINGLE_NUMBER 1 CVE

= 789

OTHER 2 CVEs

751

SINGLE_NUMBER 1 CVE

711

SINGLE_NUMBER 1 CVE

754

SINGLE_NUMBER 2 CVEs

740

SINGLE_NUMBER 1 CVE

700

SINGLE_NUMBER 1 CVE

750

SINGLE_NUMBER 1 CVE

= 731

OTHER 2 CVEs

701

SINGLE_NUMBER 1 CVE

= 700

OTHER 2 CVEs

753

SINGLE_NUMBER 2 CVEs

756

SINGLE_NUMBER 2 CVEs

= 740

OTHER 2 CVEs

= 804

OTHER 2 CVEs

730

SINGLE_NUMBER 1 CVE

755

SINGLE_NUMBER 2 CVEs

= 750

OTHER 2 CVEs

702

SINGLE_NUMBER 1 CVE

752

SINGLE_NUMBER 1 CVE

CVE-2022-41214

Due to insufficient input validation, SAP NetWeaver Application Server ABAP and ABAP Platform allows an attacker with high level privileges to use a remote enabled function to delete a file which is otherwise restricted. On successful exploitation an attacker can completely compromise the integrity and availability of the application.

HIGH Nov 08, 2022

CVE-2022-41212

Due to insufficient input validation, SAP NetWeaver Application Server ABAP and ABAP Platform allows an attacker with high level privileges to use a remote enabled function to read a file which is otherwise restricted. On successful exploitation an attacker can completely compromise the confidentiality of the application.

MEDIUM Nov 08, 2022

CVE-2022-29610

SAP NetWeaver Application Server ABAP allows an authenticated attacker to upload malicious files and delete (theme) data, which could result in Stored Cross-Site Scripting (XSS) attack.

UNKNOWN May 11, 2022

CVE-2022-22545

A high privileged user who has access to transaction SM59 can read connection details stored with the destination for http calls in SAP NetWeaver Application Server ABAP and ABAP Platform - versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756.

UNKNOWN Feb 09, 2022