Vulnerabilities > SAP > High

DATE CVE VULNERABILITY TITLE RISK
2021-05-11 CVE-2021-27613 Unspecified vulnerability in SAP Chef Business-One-Cookbook 0.1.9
Under certain conditions, SAP Business One Chef cookbook, version - 9.2, 9.3, 10.0, used to install SAP Business One, allows an attacker to exploit an insecure temporary folder for incoming & outgoing payroll data and to access information which would otherwise be restricted, which could lead to Information Disclosure and highly impact system confidentiality, integrity and availability.
local
low complexity
sap
7.8
2021-05-11 CVE-2021-27614 Injection vulnerability in SAP Business-One-Hana-Chef-Cookbook and Business ONE
SAP Business One Hana Chef Cookbook, versions - 8.82, 9.0, 9.1, 9.2, 9.3, 10.0, used to install SAP Business One on SAP HANA, allows an attacker to inject code that can be executed by the application.
local
low complexity
sap CWE-74
7.1
2021-05-11 CVE-2021-27616 Unspecified vulnerability in SAP Business-One-Hana-Chef-Cookbook and Business ONE
Under certain conditions, SAP Business One Hana Chef Cookbook, versions - 8.82, 9.0, 9.1, 9.2, 9.3, 10.0, used to install SAP Business One for SAP HANA, allows an attacker to exploit an insecure temporary backup path and to access information which would otherwise be restricted, resulting in Information Disclosure vulnerability highly impacting the confidentiality, integrity and availability of the application.
local
low complexity
sap
7.8
2021-04-14 CVE-2021-27608 Unquoted Search Path or Element vulnerability in SAP Setup 9.0
An unquoted service path in SAPSetup, version - 9.0, could lead to privilege escalation during the installation process that is performed when an executable file is registered.
local
high complexity
sap CWE-428
7.5
2021-04-13 CVE-2021-21482 Unspecified vulnerability in SAP Netweaver Master Data Management 7.10.750/710
SAP NetWeaver Master Data Management, versions - 710, 710.750, allows a malicious unauthorized user with access to the MDM Server subnet to find the password using a brute force method.
low complexity
sap
8.3
2021-03-09 CVE-2021-27592 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens manipulated Universal 3D (.U3D) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
local
low complexity
sap
7.8
2021-03-09 CVE-2021-27591 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens manipulated Portable Document Format (.PDF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
local
low complexity
sap
7.8
2021-03-09 CVE-2021-27590 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens manipulated Tag Image File Format (.TIFF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
local
low complexity
sap
7.8
2021-03-09 CVE-2021-27589 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens manipulated Scalable Vector Graphics (.SVG) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
local
low complexity
sap
7.8
2021-03-09 CVE-2021-27588 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens manipulated HPGL format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
local
low complexity
sap
7.8