VYPR

NetWeaver AS Java for Deploy Service

by SAP

CVEs (2)

  • CVE-2023-24527Apr 11, 2023
    risk 0.00cvss epss 0.00

    SAP NetWeaver AS Java for Deploy Service - version 7.5, does not perform any access control checks for functionalities that require user identity enabling an unauthenticated attacker to attach to an open interface and make use of an open naming and directory API to access a…

  • CVE-2023-24526Mar 14, 2023
    risk 0.00cvss epss 0.01

    SAP NetWeaver Application Server Java for Classload Service - version 7.50, does not perform any authentication checks for functionalities that require user identity, resulting in escalation of privileges. This failure has a low impact on confidentiality of the data such that an…