VYPR

NetWeaver (Guided Procedures)

by SAP

CVEs (4)

  • CVE-2024-24743Feb 13, 2024
    risk 0.00cvss epss 0.01

    SAP NetWeaver AS Java (CAF - Guided Procedures) - version 7.50, allows an unauthenticated attacker to submit a malicious request with a crafted XML file over the network, which when parsed will enable him to access sensitive files and data but not modify them. There are…

  • CVE-2023-41367Sep 12, 2023
    risk 0.00cvss epss 0.00

    Due to missing authentication check in webdynpro application, an unauthorized user in SAP NetWeaver (Guided Procedures) - version 7.50, can gain access to admin view of specific function anonymously. On successful exploitation of vulnerability under specific circumstances,…

  • CVE-2021-33671Jul 14, 2021
    risk 0.00cvss epss 0.01

    SAP NetWeaver Guided Procedures (Administration Workset), versions - 7.10, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. The impact of missing authorization could result to abuse of…

  • CVE-2020-6187Feb 12, 2020
    risk 0.00cvss epss 0.01

    SAP NetWeaver (Guided Procedures), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently validate an XML document input from a compromised admin, leading to Denial of Service.