Vulnerabilities > SAP > Netweaver Application Server FOR Java > High

DATE CVE VULNERABILITY TITLE RISK
2023-03-14 CVE-2023-23857 Improper Authentication vulnerability in SAP Netweaver Application Server for Java 7.50
Due to missing authentication check, SAP NetWeaver AS for Java - version 7.50, allows an unauthenticated attacker to attach to an open interface and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and services across systems.
network
low complexity
sap CWE-287
8.6
2022-04-12 CVE-2022-27669 Missing Authorization vulnerability in SAP Netweaver Application Server for Java 7.50
An unauthenticated user can use functions of XML Data Archiving Service of SAP NetWeaver Application Server for Java - version 7.50, to which access should be restricted.
network
low complexity
sap CWE-862
7.5