VYPR

NetWeaver BI CONT ADDON

by SAP

CVEs (2)

  • CVE-2023-33989Jul 11, 2023
    risk 0.00cvss epss 0.01

    An attacker with non-administrative authorizations in SAP NetWeaver (BI CONT ADD ON) - versions 707, 737, 747, 757, can exploit a directory traversal flaw to over-write system files. Data from confidential files cannot be read but potentially some OS files can be over-written…

  • CVE-2023-29186Apr 11, 2023
    risk 0.00cvss epss 0.23

    In SAP NetWeaver (BI CONT ADDON) - versions 707, 737, 747, 757, an attacker can exploit a directory traversal flaw in a report to upload and overwrite files on the SAP server. Data cannot be read but if a remote attacker has sufficient (administrative) privileges then…