Vulnerabilities > SAP > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-11 | CVE-2021-27613 | Unspecified vulnerability in SAP Chef Business-One-Cookbook 0.1.9 Under certain conditions, SAP Business One Chef cookbook, version - 9.2, 9.3, 10.0, used to install SAP Business One, allows an attacker to exploit an insecure temporary folder for incoming & outgoing payroll data and to access information which would otherwise be restricted, which could lead to Information Disclosure and highly impact system confidentiality, integrity and availability. | 7.8 |
2021-05-11 | CVE-2021-27614 | Injection vulnerability in SAP Business-One-Hana-Chef-Cookbook and Business ONE SAP Business One Hana Chef Cookbook, versions - 8.82, 9.0, 9.1, 9.2, 9.3, 10.0, used to install SAP Business One on SAP HANA, allows an attacker to inject code that can be executed by the application. | 7.1 |
2021-05-11 | CVE-2021-27616 | Unspecified vulnerability in SAP Business-One-Hana-Chef-Cookbook and Business ONE Under certain conditions, SAP Business One Hana Chef Cookbook, versions - 8.82, 9.0, 9.1, 9.2, 9.3, 10.0, used to install SAP Business One for SAP HANA, allows an attacker to exploit an insecure temporary backup path and to access information which would otherwise be restricted, resulting in Information Disclosure vulnerability highly impacting the confidentiality, integrity and availability of the application. | 7.8 |
2021-04-14 | CVE-2021-27608 | Unquoted Search Path or Element vulnerability in SAP Setup 9.0 An unquoted service path in SAPSetup, version - 9.0, could lead to privilege escalation during the installation process that is performed when an executable file is registered. | 7.5 |
2021-04-13 | CVE-2021-21482 | Unspecified vulnerability in SAP Netweaver Master Data Management 7.10.750/710 SAP NetWeaver Master Data Management, versions - 710, 710.750, allows a malicious unauthorized user with access to the MDM Server subnet to find the password using a brute force method. low complexity sap | 8.3 |
2021-03-09 | CVE-2021-27592 | Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9 When a user opens manipulated Universal 3D (.U3D) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | 7.8 |
2021-03-09 | CVE-2021-27591 | Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9 When a user opens manipulated Portable Document Format (.PDF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application. | 7.8 |
2021-03-09 | CVE-2021-27590 | Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9 When a user opens manipulated Tag Image File Format (.TIFF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application. | 7.8 |
2021-03-09 | CVE-2021-27589 | Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9 When a user opens manipulated Scalable Vector Graphics (.SVG) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application. | 7.8 |
2021-03-09 | CVE-2021-27588 | Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9 When a user opens manipulated HPGL format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application. | 7.8 |