Vulnerabilities > SAP > Business Planning AND Consolidation > 300

DATE	CVE	VULNERABILITY TITLE	RISK
2023-02-14	CVE-2023-23851	Unrestricted Upload of File with Dangerous Type vulnerability in SAP Business Planning and Consolidation 200/300 SAP Business Planning and Consolidation - versions 200, 300, allows an attacker with business authorization to upload any files (including web pages) without the proper file format validation. network low complexity sap CWE-434	5.4
2022-12-13	CVE-2022-41268	Improper Privilege Management vulnerability in SAP Business Planning and Consolidation In some SAP standard roles in SAP Business Planning and Consolidation - versions - SAP_BW 750, 751, 752, 753, 754, 755, 756, 757, DWCORE 200, 300, CPMBPC 810, a transaction code reserved for the customer is used. network high complexity sap CWE-269	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.