VYPR

BW4HANA

by SAP

CVEs (4)

  • CVE-2025-42960MedJul 8, 2025
    risk 0.28cvss 4.3epss 0.00

    SAP Business Warehouse and SAP BW/4HANA BEx Tools allow an authenticated attacker to gain higher access levels than intended by exploiting improper authorization checks. This could potentially impact data integrity by allowing deletion of user table entries.�It has no impact…

  • CVE-2021-21466Jan 12, 2021
    risk 0.00cvss epss 0.03

    SAP Business Warehouse, versions 700, 701, 702, 711, 730, 731, 740, 750, 782 and SAP BW/4HANA, versions 100, 200, allow a low privileged attacker to inject code using a remote enabled function module over the network. Via the function module an attacker can create a malicious…

  • CVE-2020-26838Dec 9, 2020
    risk 0.00cvss epss 0.02

    SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782, and SAP BW4HANA, versions - 100, 200 allows an attacker authenticated with (high) developer privileges to submit a crafted request to generate and execute code without requiring any…

  • CVE-2019-0243Jan 8, 2019
    risk 0.00cvss epss 0.02

    Under some circumstances, masterdata maintenance in SAP BW/4HANA (fixed in DW4CORE version 1.0 (SP08)) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.