Shodan
Vulnerabilities
Vulnerable Software
Sap:  Security Vulnerabilities
CVE-2013-7358
Unspecified vulnerability in SAP Guided Procedures Archive Monitor allows remote attackers to obtain usernames, roles, profiles, and possibly other identity information via unknown vectors.
CVSS Score
5.0
EPSS Score
0.003
Published
2014-04-10
CVE-2013-7359
Unspecified vulnerability in SAP Mobile Infrastructure allows remote attackers to obtain sensitive port information via unknown vectors, related to an "internal port scanning" issue.
CVSS Score
5.0
EPSS Score
0.003
Published
2014-04-10
CVE-2013-7360
Unspecified vulnerability in SAP adminadapter allows remote attackers to read or write to arbitrary files via unknown vectors.
CVSS Score
7.5
EPSS Score
0.005
Published
2014-04-10
CVE-2013-7361
Directory traversal vulnerability in SAP CMS and CM Services allows attackers to upload arbitrary files via unspecified vectors.
CVSS Score
5.0
EPSS Score
0.003
Published
2014-04-10
CVE-2014-1960
The Solution Manager in SAP NetWeaver does not properly restrict access, which allows remote attackers to obtain sensitive information via unspecified vectors.
CVSS Score
5.0
EPSS Score
0.004
Published
2014-02-14
CVE-2014-1961
Unspecified vulnerability in the Portal WebDynPro in SAP NetWeaver allows remote attackers to obtain sensitive path information via unknown attack vectors.
CVSS Score
5.0
EPSS Score
0.004
Published
2014-02-14
CVE-2014-1962
Gwsync in SAP CRM 7.02 EHP 2 allows remote attackers to obtain sensitive information via unspecified vectors, related to an XML External Entity (XXE) issue.
CVSS Score
5.0
EPSS Score
0.005
Published
2014-02-14
CVE-2014-1963
Unspecified vulnerability in Message Server in SAP NetWeaver 7.20 allows remote attackers to cause a denial of service via unknown attack vectors.
CVSS Score
5.0
EPSS Score
0.007
Published
2014-02-14
CVE-2014-1964
Cross-site scripting (XSS) vulnerability in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to the ESR application and a DIR error.
CVSS Score
4.3
EPSS Score
0.003
Published
2014-02-14
CVE-2014-1965
Cross-site scripting (XSS) vulnerability in ISpeakAdapter in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component 3.0, 7.00 through 7.02, and 7.10 through 7.11 for SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to PIP.
CVSS Score
4.3
EPSS Score
0.003
Published
2014-02-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved