Vulnerabilities > SAP > Fiori Client

DATE CVE VULNERABILITY TITLE RISK
2021-08-10 CVE-2021-33699 Unspecified vulnerability in SAP Fiori Client 3.2
Task Hijacking is a vulnerability that affects the applications running on Android devices due to a misconfiguration in their AndroidManifest.xml with their Task Control features.
low complexity
sap
3.3
2018-11-13 CVE-2018-2491 Code Injection vulnerability in SAP Fiori Client
When opening a deep link URL in SAP Fiori Client with log level set to "Debug", the client application logs the URL to the log file.
network
sap CWE-94
6.8
2018-11-13 CVE-2018-2490 Incorrect Permission Assignment for Critical Resource vulnerability in SAP Fiori Client
The broadcast messages received by SAP Fiori Client are not protected by permissions.
network
sap CWE-732
6.8
2018-11-13 CVE-2018-2489 Incorrect Permission Assignment for Critical Resource vulnerability in SAP Fiori Client
Locally, without any permission, an arbitrary android application could delete the SSO configuration of SAP Fiori Client.
network
sap CWE-732
6.8
2018-11-13 CVE-2018-2488 Unspecified vulnerability in SAP Fiori Client
It is possible for a malware application installed on an Android device to send local push notifications with an empty message to SAP Fiori Client and cause the application to crash.
network
sap
6.8
2018-11-13 CVE-2018-2485 Unspecified vulnerability in SAP Fiori Client
It is possible for a malicious application or malware to execute JavaScript in a SAP Fiori application.
network
low complexity
sap
6.4