Vulnerabilities > SAP > Business Client > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-09-14 CVE-2021-38150 Cleartext Storage of Sensitive Information vulnerability in SAP Business Client 7.0/7.70
When an attacker manages to get access to the local memory, or the memory dump of a victim, for example by a social engineering attack, SAP Business Client versions - 7.0, 7.70, will allow him to read extremely sensitive data, such as credentials.
network
sap CWE-312
4.3
2020-05-12 CVE-2020-6244 Uncontrolled Search Path Element vulnerability in SAP Business Client 7.0
SAP Business Client, version 7.0, allows an attacker after a successful social engineering attack to inject malicious code as a DLL file in untrusted directories that can be executed by the application, due to uncontrolled search path element.
local
sap CWE-427
4.4
2020-04-14 CVE-2020-6228 Improper Validation of Integrity Check Value vulnerability in SAP Business Client 6.5/7.0
SAP Business Client, versions 6.5, 7.0, does not perform necessary integrity checks which could be exploited by an attacker under certain conditions to modify the installer.
network
sap CWE-354
4.3
2018-03-14 CVE-2018-2398 Unspecified vulnerability in SAP Business Client 6.5
Under certain conditions SAP Business Client 6.5 allows an attacker to access information which would otherwise be restricted.
network
low complexity
sap
5.0