Shodan
Vulnerabilities
Vulnerable Software
Sap:  >> Netweaver  Security Vulnerabilities
CVE-2014-8592
Unspecified vulnerability in SAP Host Agent, as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service (process termination) via a crafted request.
CVSS Score
5.0
EPSS Score
0.019
Published
2014-11-04
CVE-2014-6252
Buffer overflow in disp+work.exe 7000.52.12.34966 and 7200.117.19.50294 in the Dispatcher in SAP NetWeaver 7.00 and 7.20 allows remote authenticated users to cause a denial of service or execute arbitrary code via unspecified vectors.
CVSS Score
6.5
EPSS Score
0.022
Published
2014-09-05
CVE-2014-4003
The System Landscape Directory (SLD) in SAP NetWeaver allows remote attackers to modify information via vectors related to adding a system.
CVSS Score
7.5
EPSS Score
0.012
Published
2014-06-09
CVE-2014-3787
SAP NetWeaver 7.20 and earlier allows remote attackers to read arbitrary SAP Central User Administration (SAP CUA) tables via unspecified vectors.
CVSS Score
5.0
EPSS Score
0.003
Published
2014-05-19
CVE-2013-7364
An unspecified J2EE core service in the J2EE Engine in SAP NetWeaver does not properly restrict access, which allows remote attackers to read and write to arbitrary files via unknown vectors.
CVSS Score
7.5
EPSS Score
0.007
Published
2014-04-10
CVE-2014-1960
The Solution Manager in SAP NetWeaver does not properly restrict access, which allows remote attackers to obtain sensitive information via unspecified vectors.
CVSS Score
5.0
EPSS Score
0.004
Published
2014-02-14
CVE-2014-1961
Unspecified vulnerability in the Portal WebDynPro in SAP NetWeaver allows remote attackers to obtain sensitive path information via unknown attack vectors.
CVSS Score
5.0
EPSS Score
0.004
Published
2014-02-14
CVE-2014-1963
Unspecified vulnerability in Message Server in SAP NetWeaver 7.20 allows remote attackers to cause a denial of service via unknown attack vectors.
CVSS Score
5.0
EPSS Score
0.007
Published
2014-02-14
CVE-2014-1964
Cross-site scripting (XSS) vulnerability in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to the ESR application and a DIR error.
CVSS Score
4.3
EPSS Score
0.003
Published
2014-02-14
CVE-2014-1965
Cross-site scripting (XSS) vulnerability in ISpeakAdapter in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component 3.0, 7.00 through 7.02, and 7.10 through 7.11 for SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to PIP.
CVSS Score
4.3
EPSS Score
0.003
Published
2014-02-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved