Vulnerabilities > SAP > Netweaver Application Server FOR Java > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-03-14 | CVE-2023-23857 | Improper Authentication vulnerability in SAP Netweaver Application Server for Java 7.50 Due to missing authentication check, SAP NetWeaver AS for Java - version 7.50, allows an unauthenticated attacker to attach to an open interface and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and services across systems. | 8.6 |
2022-04-12 | CVE-2022-27669 | Missing Authorization vulnerability in SAP Netweaver Application Server for Java 7.50 An unauthenticated user can use functions of XML Data Archiving Service of SAP NetWeaver Application Server for Java - version 7.50, to which access should be restricted. | 7.5 |