Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
SAP

SAP NetWeaver AS Java (ServerCore)

7 Versions 2 CVEs

Versions

= 7.40

OTHER 2 CVEs

= 7.30

OTHER 2 CVEs

= 7.31

OTHER 2 CVEs

= 7.11

OTHER 2 CVEs

= 7.10

OTHER 1 CVE

= 7.20

OTHER 2 CVEs

= 7.50

OTHER 2 CVEs

Recent CVEs

CVE-2018-2503

By default, the SAP NetWeaver AS Java keystore service does not sufficiently restrict the access to resources that should be protected. This has been fixed in SAP NetWeaver AS Java (ServerCore versions 7.11, 7.20, 7.30, 7.31, 7.40, 7.50).

UNKNOWN Dec 11, 2018

CVE-2018-2504

SAP NetWeaver AS Java Web Container service does not validate against whitelist the HTTP host header which can result in HTTP Host Header Manipulation or Cross-Site Scripting (XSS) vulnerability. This is fixed in versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50.

UNKNOWN Dec 11, 2018