Vulnerabilities > SAP > Business Planning AND Consolidation > High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-10	CVE-2023-0016	SQL Injection vulnerability in SAP Business Planning and Consolidation 800/810 SAP BPC MS 10.0 - version 810, allows an unauthorized attacker to execute crafted database queries. network low complexity sap CWE-89	8.8
2022-12-13	CVE-2022-41268	Improper Privilege Management vulnerability in SAP Business Planning and Consolidation In some SAP standard roles in SAP Business Planning and Consolidation - versions - SAP_BW 750, 751, 752, 753, 754, 755, 756, 757, DWCORE 200, 300, CPMBPC 810, a transaction code reserved for the customer is used. network high complexity sap CWE-269	7.5
2018-08-02	CVE-2017-16349	XXE vulnerability in SAP Business Planning and Consolidation An exploitable XML external entity vulnerability exists in the reporting functionality of SAP BPC. network low complexity sap CWE-611	8.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.