Vulnerabilities > SAP > Business Client > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-14 | CVE-2021-38150 | Cleartext Storage of Sensitive Information vulnerability in SAP Business Client 7.0/7.70 When an attacker manages to get access to the local memory, or the memory dump of a victim, for example by a social engineering attack, SAP Business Client versions - 7.0, 7.70, will allow him to read extremely sensitive data, such as credentials. | 4.3 |
| 2020-05-12 | CVE-2020-6244 | Uncontrolled Search Path Element vulnerability in SAP Business Client 7.0 SAP Business Client, version 7.0, allows an attacker after a successful social engineering attack to inject malicious code as a DLL file in untrusted directories that can be executed by the application, due to uncontrolled search path element. | 4.4 |
| 2020-04-14 | CVE-2020-6228 | Improper Validation of Integrity Check Value vulnerability in SAP Business Client 6.5/7.0 SAP Business Client, versions 6.5, 7.0, does not perform necessary integrity checks which could be exploited by an attacker under certain conditions to modify the installer. | 4.3 |
| 2018-03-14 | CVE-2018-2398 | Unspecified vulnerability in SAP Business Client 6.5 Under certain conditions SAP Business Client 6.5 allows an attacker to access information which would otherwise be restricted. | 5.0 |