Business Client
by SAP
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-2398 | Hig | 0.49 | 7.5 | 0.01 | Mar 14, 2018 | Under certain conditions SAP Business Client 6.5 allows an attacker to access information which would otherwise be restricted. | ||
| CVE-2021-38150 | 0.00 | — | 0.01 | Sep 14, 2021 | When an attacker manages to get access to the local memory, or the memory dump of a victim, for example by a social engineering attack, SAP Business Client versions - 7.0, 7.70, will allow him to read extremely sensitive data, such as credentials. This would allow the attacker… | |||
| CVE-2020-6244 | 0.00 | — | 0.00 | May 12, 2020 | SAP Business Client, version 7.0, allows an attacker after a successful social engineering attack to inject malicious code as a DLL file in untrusted directories that can be executed by the application, due to uncontrolled search path element. An attacker could thereby control… | |||
| CVE-2020-6228 | 0.00 | — | 0.00 | Apr 14, 2020 | SAP Business Client, versions 6.5, 7.0, does not perform necessary integrity checks which could be exploited by an attacker under certain conditions to modify the installer. |
- risk 0.49cvss 7.5epss 0.01
Under certain conditions SAP Business Client 6.5 allows an attacker to access information which would otherwise be restricted.
- CVE-2021-38150Sep 14, 2021risk 0.00cvss —epss 0.01
When an attacker manages to get access to the local memory, or the memory dump of a victim, for example by a social engineering attack, SAP Business Client versions - 7.0, 7.70, will allow him to read extremely sensitive data, such as credentials. This would allow the attacker…
- CVE-2020-6244May 12, 2020risk 0.00cvss —epss 0.00
SAP Business Client, version 7.0, allows an attacker after a successful social engineering attack to inject malicious code as a DLL file in untrusted directories that can be executed by the application, due to uncontrolled search path element. An attacker could thereby control…
- CVE-2020-6228Apr 14, 2020risk 0.00cvss —epss 0.00
SAP Business Client, versions 6.5, 7.0, does not perform necessary integrity checks which could be exploited by an attacker under certain conditions to modify the installer.