VYPR

NetWeaver Administrator

by SAP

CVEs (3)

  • CVE-2024-54197HigDec 10, 2024
    risk 0.47cvss 7.2epss 0.00

    SAP NetWeaver Administrator(System Overview) allows an authenticated attacker to enumerate accessible HTTP endpoints in the internal network by specially crafting HTTP requests. On successful exploitation this can result in Server-Side Request Forgery (SSRF) which could have a…

  • CVE-2024-22127Mar 12, 2024
    risk 0.00cvss epss 0.02

    SAP NetWeaver Administrator AS Java (Administrator Log Viewer plug-in) - version 7.50, allows an attacker with high privileges to upload potentially dangerous files which leads to command injection vulnerability. This would enable the attacker to run commands which can cause…

  • CVE-2021-33689Jul 14, 2021
    risk 0.00cvss epss 0.01

    When user with insufficient privileges tries to access any application in SAP NetWeaver Administrator (Administrator applications), version - 7.50, no security audit log is created. Therefore, security audit log Integrity is impacted.