VYPR

Business Application Software Integrated Solution

by SAP

CVEs (2)

  • CVE-2017-16682HigDec 12, 2017
    risk 0.47cvss 7.2epss 0.02

    SAP NetWeaver Internet Transaction Server (ITS), SAP Basis from 7.00 to 7.02, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker with administrator credentials to inject code that can be executed by the application and thereby control the behavior of the application.

  • CVE-2017-16691MedDec 12, 2017
    risk 0.42cvss 6.5epss 0.01

    SAP Note Assistant tool (SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31,7.40, from 7.50 to 7.52) supports upload of digitally signed note file of type 'SAR'. The digital signature verification is done together with the extraction of note file contained in the SAR…