Vulnerabilities > SAP > Netweaver Process Integration > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-12-13 CVE-2022-41271 Missing Authorization vulnerability in SAP Netweaver Process Integration 7.50
An unauthenticated user can attach to an open interface exposed through JNDI by the Messaging System of SAP NetWeaver Process Integration (PI) - version 7.50.
network
low complexity
sap CWE-862
critical
9.4
2019-07-10 CVE-2019-0328 OS Command Injection vulnerability in SAP Netweaver Process Integration
ABAP Tests Modules (SAP Basis, versions 7.0, 7.1, 7.3, 7.31, 7.4, 7.5) of SAP NetWeaver Process Integration enables an attacker the execution of OS commands with privileged rights.
network
low complexity
sap CWE-78
critical
9.0