📦 Netweaver Application Server Abap
by Sap
🔍 What is Netweaver Application Server Abap?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
An authenticated attacker in SAP CRM and SAP S/4HANA can exploit a flaw in the Scripting Editor's generic function module to execute arbitrary SQL statements. This allows full database compromise affe...
CVE-2023-40309 is an authentication bypass vulnerability in SAP CommonCryptoLib that allows authenticated users to escalate privileges by bypassing authorization checks. This affects SAP applications ...
This vulnerability allows authenticated non-administrative users to exploit a directory traversal flaw in SAPRSBRO program to overwrite critical system files. This can lead to denial of service by mak...
This CVE allows attackers with non-administrative SAP authorizations to exploit a directory traversal vulnerability in SAP NetWeaver ABAP services. Attackers can overwrite critical operating system fi...
CVE-2022-22536 is a critical HTTP request smuggling vulnerability in multiple SAP components that allows unauthenticated attackers to prepend malicious data to legitimate user requests. This enables i...
CVE-2021-40499 is a critical code injection vulnerability in SAP Cloud Print Manager and SAPSprint components of SAP NetWeaver Application Server for ABAP. It allows attackers to inject and execute ar...
This vulnerability in SAP NetWeaver ABAP Server and ABAP Platform allows improper authentication due to inconsistent formatting of RFC user information. Attackers could exploit this to gain unauthoriz...
This CVE describes a Missing Authorization Check vulnerability in SAP ABAP systems that allows authenticated attackers to misuse RFC functions to execute form routines (FORMs). Attackers could write o...
This vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform allows authenticated non-administrative users to craft requests that trigger the application server to send requests to arbitrary URLs...
CVE-2022-29611 is an authorization bypass vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform that allows authenticated users to escalate privileges without proper authorizati...
CVE-2022-22540 is an SQL injection vulnerability in SAP NetWeaver AS ABAP Workplace Server that allows attackers to execute crafted database queries. This could expose backend database contents, poten...
CVE-2021-38181 is a denial-of-service vulnerability in SAP NetWeaver AS ABAP and ABAP Platform that allows attackers to crash or flood services, preventing legitimate users from accessing them. This a...
This vulnerability in SAP NetWeaver Application Server ABAP allows unauthenticated attackers to craft URLs that bypass allowlist controls. Attackers could inject CSS code or malicious links into web a...