Vulnerabilities > SAP > Netweaver Process Integration > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-13 | CVE-2022-41271 | Missing Authorization vulnerability in SAP Netweaver Process Integration 7.50 An unauthenticated user can attach to an open interface exposed through JNDI by the Messaging System of SAP NetWeaver Process Integration (PI) - version 7.50. | 9.4 |
2019-07-10 | CVE-2019-0328 | OS Command Injection vulnerability in SAP Netweaver Process Integration ABAP Tests Modules (SAP Basis, versions 7.0, 7.1, 7.3, 7.31, 7.4, 7.5) of SAP NetWeaver Process Integration enables an attacker the execution of OS commands with privileged rights. | 9.0 |