Vulnerabilities > SAP
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-12 | CVE-2022-29619 | Unspecified vulnerability in SAP Businessobjects Business Intelligence Platform 420/430 Under certain conditions SAP BusinessObjects Business Intelligence Platform 4.x - versions 420,430 allows user Administrator to view, edit or modify rights of objects it doesn't own and which would otherwise be restricted. | 6.5 |
| 2022-07-12 | CVE-2022-31591 | Unspecified vulnerability in SAP Businessobjects BW Publisher Service 420/430 SAP BusinessObjects BW Publisher Service - versions 420, 430, uses a search path that contains an unquoted element. | 7.8 |
| 2022-07-12 | CVE-2022-31592 | Unspecified vulnerability in SAP Enterprise Extension Defense Forces & Public Security The application SAP Enterprise Extension Defense Forces & Public Security - versions 605, 606, 616,617,618, 802, 803, 804, 805, 806, does not perform necessary authorization checks for an authenticated user over the network, resulting in escalation of privileges leading to a limited impact on confidentiality. | 4.3 |
| 2022-07-12 | CVE-2022-31593 | Unspecified vulnerability in SAP Business ONE 10.0 SAP Business One client - version 10.0 allows an attacker with low privileges, to inject code that can be executed by the application. | 8.8 |
| 2022-07-12 | CVE-2022-31597 | Unspecified vulnerability in SAP S/4Hana and Sapscore Within SAP S/4HANA - versions S4CORE 101, 102, 103, 104, 105, 106, SAPSCORE 127, the application business partner extension for Spain/Slovakia does not perform necessary authorization checks for a low privileged authenticated user over the network, resulting in escalation of privileges leading to low impact on confidentiality and integrity of the data. | 5.4 |
| 2022-07-12 | CVE-2022-31598 | Insufficient Verification of Data Authenticity vulnerability in SAP Business Objects Business Intelligence Platform 420 Due to insufficient input validation, SAP Business Objects - version 420, allows an authenticated attacker to submit a malicious request through an allowed operation. | 5.4 |
| 2022-07-12 | CVE-2022-32246 | Unspecified vulnerability in SAP Business Objects Business Intelligence Platform 420/430 SAP Busines Objects Business Intelligence Platform (Visual Difference Application) - versions 420, 430, allows an authenticated attacker who has access to BI admin console to send crafted queries and extract data from the SQL backend. | 4.6 |
| 2022-07-12 | CVE-2022-32247 | Unspecified vulnerability in SAP Netweaver Enterprise Portal SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the User inputs while interacting on the Network. | 6.1 |
| 2022-07-12 | CVE-2022-32248 | Unspecified vulnerability in SAP S/4Hana Due to missing input validation in the Manage Checkbooks component of SAP S/4HANA - version 101, 102, 103, 104, 105, 106, an attacker could insert or edit the value of an existing field in the database. | 5.3 |
| 2022-07-12 | CVE-2022-32249 | Unspecified vulnerability in SAP Business ONE 10.0 Under special integration scenario of SAP Business one and SAP HANA - version 10.0, an attacker can exploit HANA cockpit?s data volume to gain access to highly sensitive information (e.g., high privileged account credentials) | 7.5 |