Shodan
Vulnerabilities
Vulnerable Software
Sap:  Security Vulnerabilities
CVE-2014-4011
SAP Capacity Leveling has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors.
CVSS Score
5.0
EPSS Score
0.003
Published
2014-06-09
CVE-2014-4012
SAP Open Hub Service has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors.
CVSS Score
5.0
EPSS Score
0.003
Published
2014-06-09
CVE-2014-4003
The System Landscape Directory (SLD) in SAP NetWeaver allows remote attackers to modify information via vectors related to adding a system.
CVSS Score
7.5
EPSS Score
0.012
Published
2014-06-09
CVE-2014-4004
The (1) Structures and (2) Project-Oriented Procurement components in SAP Project System has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors.
CVSS Score
5.0
EPSS Score
0.004
Published
2014-06-09
CVE-2014-3787
SAP NetWeaver 7.20 and earlier allows remote attackers to read arbitrary SAP Central User Administration (SAP CUA) tables via unspecified vectors.
CVSS Score
5.0
EPSS Score
0.003
Published
2014-05-19
CVE-2014-3129
The Java Server Pages in the Software Lifecycle Manager (SLM) in SAP NetWeaver allows remote attackers to obtain sensitive information via a crafted request, related to SAP Solution Manager 7.1.
CVSS Score
5.0
EPSS Score
0.007
Published
2014-04-30
CVE-2014-3130
The ABAP Help documentation and translation tools (BC-DOC-HLP) in Basis in SAP Netweaver ABAP Application Server does not properly restrict access, which allows local users to gain privileges and execute ABAP instructions via crafted help messages.
CVSS Score
4.6
EPSS Score
0.001
Published
2014-04-30
CVE-2014-3131
SAP Profile Maintenance does not properly restrict access, which allows remote authenticated users to obtain sensitive information via an unspecified RFC function, related to SAP Solution Manager 7.1.
CVSS Score
4.0
EPSS Score
0.003
Published
2014-04-30
CVE-2014-3132
SAP Background Processing does not properly restrict access, which allows remote authenticated users to obtain sensitive information via an unspecified RFC function, related to SAP Solution Manager 7.1.
CVSS Score
4.0
EPSS Score
0.003
Published
2014-04-30
CVE-2014-3133
SAP Netweaver Java Application Server does not properly restrict access, which allows remote attackers to obtain the list of SAP systems registered on an SLD via an unspecified webdynpro, related to SystemSelection.
CVSS Score
5.0
EPSS Score
0.004
Published
2014-04-30


Products
Pricing
Contact Us

Shodan ® - All rights reserved