Vulnerabilities > SAP > Fiori Client
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-10 | CVE-2021-33699 | Unspecified vulnerability in SAP Fiori Client 3.2 Task Hijacking is a vulnerability that affects the applications running on Android devices due to a misconfiguration in their AndroidManifest.xml with their Task Control features. low complexity sap | 6.5 |
| 2018-11-13 | CVE-2018-2491 | Code Injection vulnerability in SAP Fiori Client When opening a deep link URL in SAP Fiori Client with log level set to "Debug", the client application logs the URL to the log file. | 7.8 |
| 2018-11-13 | CVE-2018-2490 | Incorrect Permission Assignment for Critical Resource vulnerability in SAP Fiori Client The broadcast messages received by SAP Fiori Client are not protected by permissions. | 7.8 |
| 2018-11-13 | CVE-2018-2489 | Incorrect Permission Assignment for Critical Resource vulnerability in SAP Fiori Client Locally, without any permission, an arbitrary android application could delete the SSO configuration of SAP Fiori Client. | 7.8 |
| 2018-11-13 | CVE-2018-2488 | Unspecified vulnerability in SAP Fiori Client It is possible for a malware application installed on an Android device to send local push notifications with an empty message to SAP Fiori Client and cause the application to crash. | 7.8 |
| 2018-11-13 | CVE-2018-2485 | Unspecified vulnerability in SAP Fiori Client It is possible for a malicious application or malware to execute JavaScript in a SAP Fiori application. | 7.7 |