SAP NetWeaver Vulnerability

Timeline (last year)

Version

7.30: 87
7.50: 85
7.40: 81
7.31: 80
7.20: 58

Countermeasures

Official Fix: 185
Temporary Fix: 0
Workaround: 2
Unavailable: 1
Not Defined: 187

Exploitability

High: 7
Functional: 0
Proof-of-Concept: 63
Unproven: 20
Not Defined: 285

Access vector

Not Defined: 0
Physical: 1
Local: 3
Adjacent: 27
Network: 344

Authentication

Not Defined: 0
High: 38
Low: 112
None: 225

User interaction

Not Defined: 0
Required: 99
None: 276

C3BM Index (last year)

Score distribution (number of entries per score range, by source)

| Score | CVSSv3 Base | CVSSv3 Temp | VulDB | NVD | CNA | Vendor | Research |
|---|---|---|---|---|---|---|---|
| ≤1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| ≤2 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| ≤3 | 2 | 2 | 8 | 1 | 0 | 0 | 0 |
| ≤4 | 24 | 32 | 36 | 1 | 2 | 0 | 0 |
| ≤5 | 71 | 89 | 99 | 19 | 4 | 0 | 0 |
| ≤6 | 113 | 103 | 80 | 21 | 5 | 0 | 0 |
| ≤7 | 59 | 56 | 58 | 44 | 17 | 0 | 0 |
| ≤8 | 61 | 53 | 62 | 31 | 1 | 0 | 0 |
| ≤9 | 18 | 32 | 6 | 16 | 5 | 0 | 0 |
| ≤10 | 27 | 8 | 26 | 28 | 9 | 1 | 0 |

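Exploit prices (number of entries per price range)

| Price | Exploit 0-day | Exploit today |
|---|---|---|
| <1k | 1 | 159 |
| <2k | 0 | 40 |
| <5k | 30 | 85 |
| <10k | 138 | 66 |
| <25k | 174 | 25 |
| <50k | 31 | 0 |
| <100k | 0 | 0 |
| ≥100k | 1 | 0 |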

Exploit market volume (last year)

CTI Activities

Affected Versions (168): 2.0 SP5, 3.0, 4.0, 5.555.38, 6.0, 6.1, 6.2, 6.3, 6.4, 6.5, 6.6, 6.7, 6.8, 6.9, 6.10, 6.11, 6.12, 6.13, 6.14, 6.15, 6.16, 6.17, 6.18, 6.19, 6.20, 6.21, 6.22, 6.23, 6.24, 6.25, 6.26, 6.27, 6.28, 6.29, 6.30, 6.31, 6.32, 6.33, 6.34, 6.35, 6.36, 6.37, 6.38, 6.39, 6.40, 7.0, 7.0 EHP2, 7.0.573, 7.00, 7.01, 7.02, 7.03, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.7, 7.8, 7.9, 7.10, 7.11, 7.12, 7.13, 7.14, 7.15, 7.16, 7.17, 7.18, 7.19, 7.20, 7.21, 7.21EXT, 7.22, 7.22EXT, 7.23, 7.24, 7.25, 7.26, 7.27, 7.28, 7.29, 7.30, 7.30 (Basis 720 SP 0, 7.31, 7.31. 7.4, 7.31.201109172004, 7.32, 7.33, 7.34, 7.35, 7.36, 7.37, 7.38, 7.39, 7.40, 7.40 SP12, 7.41, 7.42, 7.43, 7.44, 7.45, 7.46, 7.47, 7.48, 7.49, 7.50, 7.50The, 7.51, 7.52, 7.53, 7.54, 7.70, 7.70 BYD, 7.70 PI, 7.73, 7.74, 7.75, 7.77, 7.81, 7.82, 7.83, 7.84, 7.85, 7.86, 7.87, 7.88, 8.04, 75A, 75B, 75C, 75D, 75E, 700, 701, 702, 707, 710, 710.750, 711, 720, 730, 731, 737, 740, 747, 750, 751, 752, 753, 754, 755, 756, 757, 782, 784, 786, 787, 789, 790, 791, 804, 2004s, 7400.12.21.30308, <=700, Kernel 720 patch 68), Sp8

Link to Product Website: https://www.sap.com

Software type: Solution Stack Software

| Published | Base | Temp | Vulnerability | 0day | Today | Exploitability | Countermeasures | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 2023-04-11 | 5.3 | 5.2 | SAP NetWeaver AS Java for Deploy Service Directory API weak authentication | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2023-24527 |
| 2023-04-11 | 6.3 | 6.3 | SAP NetWeaver BI CONT Addon directory traversal | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2023-29186 |
| 2023-04-11 | 5.0 | 4.9 | SAP NetWeaver AS for ABAP Business Server Pages denial of service | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2023-29185 |
| 2023-04-11 | 5.4 | 5.3 | SAP NetWeaver AS for ABAP and ABAP Platform denial of service | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2023-28763 |
| 2023-04-11 | 6.9 | 6.8 | SAP NetWeaver Enterprise Portal Open API weak authentication | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2023-28761 |
| 2023-03-14 | 5.3 | 5.2 | SAP NetWeaver Application Server for Java Cache Management Service privilege escalation | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2023-26460 |
| 2023-03-14 | 5.2 | 5.1 | SAP NetWeaver cross site scripting | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | CVE-2023-0021 |
| 2023-03-14 | 7.4 | 7.3 | SAP NetWeaver AS for ABAP and ABAP Platform directory traversal | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2023-27501 |
| 2023-03-14 | 7.5 | 7.4 | SAP NetWeaver Application Server for ABAP and ABAP Platform directory traversal | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2023-27269 |
| 2023-03-14 | 5.3 | 5.2 | SAP NetWeaver AS Java Object Analyzing Service privilege escalation | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2023-27268 |
| 2023-03-14 | 6.8 | 6.7 | SAP NetWeaver AS for ABAP and ABAP Platform privilege escalation | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2023-26459 |
| 2023-03-14 | 5.3 | 5.2 | SAP NetWeaver Application Server Java for Classload Service weak authentication | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2023-24526 |
| 2023-03-14 | 5.4 | 5.3 | SAP NetWeaver Application Server for ABAP and ABAP Platform denial of service | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2023-27270 |
| 2023-03-14 | 4.8 | 4.8 | SAP NetWeaver Enterprise Portal XML External Entity | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2023-26461 |
| 2023-03-14 | 5.4 | 5.3 | SAP NetWeaver Application Server for ABAP and ABAP Platform Error denial of service | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2023-25618 |
| 2023-03-14 | 8.6 | 8.5 | SAP NetWeaver AS for Java Open Interface weak authentication | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2023-23857 |
| 2023-02-14 | 6.2 | 6.0 | SAP NetWeaver Application Server for ABAP and ABAP Platform Link Redirect | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2023-23853 |
| 2023-02-14 | 5.7 | 5.6 | SAP NetWeaver Application Server ABAP Link Redirect | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2023-23860 |
| 2023-02-14 | 5.2 | 5.1 | SAP NetWeaver Application Server ABAP Link cross site scripting | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2023-23859 |
| 2023-02-14 | 4.6 | 4.6 | SAP NetWeaver Application Server ABAP privilege escalation | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2023-23854 |
| 2023-02-14 | 5.2 | 5.1 | SAP NetWeaver AS ABAP cross site scripting | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2023-25614 |
| 2023-02-14 | 5.2 | 5.1 | SAP NetWeaver AS ABAP Business Server Pages cross site scripting | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2023-24522 |
| 2023-02-14 | 5.2 | 5.1 | SAP NetWeaver AS ABAP BSP Framework cross site scripting | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2023-24521 |
| 2023-02-14 | 5.2 | 5.1 | SAP NetWeaver Application Server ABAP URL cross site scripting | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2023-23858 |
| 2023-01-27 | 4.0 | 4.0 | SAP NetWeaver AS JAVA HTTP Request information disclosure | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.05 | CVE-2021-33687 |

350 more entries are not shown
