SAP NetWeaver Vulnerabilities

Version

7.50: 103
7.30: 87
7.40: 81
7.31: 80
7.20: 58

Countermeasures

Official Fix: 218
Temporary Fix: 0
Workaround: 2
Unavailable: 1
Not Defined: 187

Exploitability

High: 7
Functional: 0
Proof-of-Concept: 63
Unproven: 20
Not Defined: 318

Access Vector

Not Defined: 0
Physical: 1
Local: 4
Adjacent: 27
Network: 376

Authentication

Not Defined: 0
High: 45
Low: 118
None: 245

User Interaction

Not Defined: 0
Required: 108
None: 300

| Score | CVSSv3 Base | CVSSv3 Temp | VulDB | NVD | CNA | Vendor | Research |
|---|---|---|---|---|---|---|---|
| ≤1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| ≤2 | 0 | 0 | 1 | 0 | 0 | 0 | 0 |
| ≤3 | 3 | 3 | 10 | 1 | 1 | 0 | 0 |
| ≤4 | 23 | 31 | 41 | 1 | 2 | 0 | 0 |
| ≤5 | 78 | 96 | 106 | 19 | 10 | 0 | 0 |
| ≤6 | 127 | 117 | 88 | 24 | 22 | 0 | 0 |
| ≤7 | 66 | 63 | 61 | 45 | 27 | 0 | 0 |
| ≤8 | 61 | 54 | 69 | 32 | 1 | 0 | 0 |
| ≤9 | 23 | 36 | 6 | 18 | 10 | 0 | 0 |
| ≤10 | 27 | 8 | 26 | 30 | 13 | 1 | 0 |

| Price | Exploit 0-day | Exploit Today |
|---|---|---|
| <1k | 1 | 195 |
| <2k | 1 | 47 |
| <5k | 27 | 75 |
| <10k | 163 | 79 |
| <25k | 184 | 12 |
| <50k | 31 | 0 |
| <100k | 0 | 0 |
| ≥100k | 1 | 0 |

Affected Versions (194): 2.0 SP5, 3.0, 4.0, 5.555.38, 6.0, 6.1, 6.2, 6.3, 6.4, 6.5, 6.6, 6.7, 6.8, 6.9, 6.10, 6.11, 6.12, 6.13, 6.14, 6.15, 6.16, 6.17, 6.18, 6.19, 6.20, 6.21, 6.22, 6.23, 6.24, 6.25, 6.26, 6.27, 6.28, 6.29, 6.30, 6.31, 6.32, 6.33, 6.34, 6.35, 6.36, 6.37, 6.38, 6.39, 6.40, 7.0, 7.0 EHP2, 7.0.573, 7.00, 7.01, 7.02, 7.03, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.7, 7.8, 7.9, 7.10, 7.11, 7.12, 7.13, 7.14, 7.15, 7.16, 7.17, 7.18, 7.19, 7.20, 7.21, 7.21EXT, 7.22, 7.22EXT, 7.23, 7.24, 7.25, 7.26, 7.27, 7.28, 7.29, 7.30, 7.30 (Basis 720 SP 0, 7.31, 7.31. 7.4, 7.31.201109172004, 7.32, 7.33, 7.34, 7.35, 7.36, 7.37, 7.38, 7.39, 7.40, 7.40 SP12, 7.41, 7.42, 7.43, 7.44, 7.45, 7.46, 7.47, 7.48, 7.49, 7.50, 7.50The, 7.51, 7.52, 7.53, 7.54, 7.70, 7.70 BYD, 7.70 PI, 7.73, 7.74, 7.75, 7.77, 7.81, 7.82, 7.83, 7.84, 7.85, 7.86, 7.87, 7.88, 7.89, 7.91, 7.92, 7.93, 7.94, 8.04, 75A, 75B, 75C, 75D, 75E, 600, 602, 603, 604, 605, 606, 617, 618, 700, 701, 702, 707, 710, 710.750, 711, 720, 730, 731, 737, 740, 747, 750, 751, 752, 753, 754, 755, 756, 757, 758, 782, 784, 786, 787, 789, 790, 791, 793, 794, 800, 802, 803, 804, 805, 806, 807, 2004s, 7400.12.21.30308, <=700, Kernel 720 patch 68), SAP_BASIS 700, SAP_BASIS731, SAP_BASIS740, SAP_BASIS750, Sp8

Link to Product Website: https://www.sap.com

Software Type: Solution Stack Software

| Published | Base | Temp | Vulnerability | 0-day | Today | Exploitability | Countermeasure | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 2024-04-09 | 6.5 | 6.3 | SAP NetWeaver AS ABAP and ABAP Platform denial of service | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2024-30218 |
| 2024-04-09 | 7.5 | 7.4 | SAP NetWeaver AS Java User Management Engine User Admin Application privilege escalation | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.07 | CVE-2024-27899 |
| 2024-04-09 | 5.3 | 5.2 | SAP NetWeaver privilege escalation | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2024-27898 |
| 2024-03-12 | 5.3 | 5.2 | SAP NetWeaver Enterprise Portal information disclosure | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | CVE-2024-25645 |
| 2024-03-12 | 4.4 | 4.4 | SAP NetWeaver AS ABAP WebGUI cross site scripting | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | CVE-2024-27902 |
| 2024-03-12 | 5.3 | 5.2 | SAP NetWeaver WSRM information disclosure | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2024-25644 |
| 2024-03-12 | 8.1 | 8.0 | SAP NetWeaver AS Java Administrator Log Viewer Plug-In privilege escalation | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2024-22127 |
| 2024-03-12 | 5.3 | 5.2 | SAP NetWeaver Process Integration Support Web Pages information disclosure | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.08 | CVE-2024-28163 |
| 2024-02-13 | 4.5 | 4.4 | SAP NetWeaver Business Client for HTML cross site scripting | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2024-22128 |
| 2024-02-13 | 6.5 | 6.4 | SAP NetWeaver AS Java User Admin Application cross site scripting | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2024-22126 |
| 2024-02-13 | 5.3 | 5.2 | SAP NetWeaver Application Server ABAP Kernel information disclosure | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2024-24740 |
| 2024-02-13 | 6.9 | 6.8 | SAP NetWeaver AS Java Guided Procedures XML External Entity | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2024-24743 |
| 2024-01-09 | 4.5 | 4.5 | SAP NetWeaver Internet Communication Manager information disclosure | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2024-22124 |
| 2024-01-09 | 4.3 | 4.3 | SAP NetWeaver ABAP Application Server and ABAP Platform cross site scripting | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | CVE-2024-21738 |
| 2023-12-12 | 5.9 | 5.8 | SAP NetWeaver Application Server ABAP and ABAP Platform GUI privilege escalation | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2023-49581 |
| 2023-11-14 | 4.5 | 4.4 | SAP NetWeaver AS Java Logon Application information disclosure | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | CVE-2023-42480 |
| 2023-11-14 | 5.3 | 5.2 | SAP NetWeaver Application Server ABAP/ABAP Platform Restrictions information disclosure | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2023-41366 |
| 2023-10-10 | 6.9 | 6.8 | SAP NetWeaver AS Java GRMG Heartbeat Application privilege escalation | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2023-42477 |
| 2023-09-12 | 8.5 | 8.4 | SAP CommonCryptoLib privilege escalation | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | CVE-2023-40309 |
| 2023-09-12 | 5.3 | 5.2 | SAP NetWeaver Guided Procedures weak authentication | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2023-41367 |
| 2023-09-12 | 4.8 | 4.8 | SAP NetWeaver AS ABAP Unified Rendering cross site scripting | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2023-40624 |
| 2023-08-08 | 5.2 | 5.1 | SAP NetWeaver Process Integration cross site scripting | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.01 | CVE-2023-37488 |
| 2023-08-08 | 4.7 | 4.7 | SAP NetWeaver Application Server ABAP/ABAP Platform privilege escalation | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2023-37492 |
| 2023-07-11 | 7.2 | 7.1 | SAP NetWeaver BI CONT Add-On directory traversal | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2023-33989 |
| 2023-07-11 | 5.9 | 5.8 | SAP NetWeaver AS for Java Request privilege escalation | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | CVE-2023-31405 |

383 more entries are not shown
