Vulnerabilities > SAP > Low

DATE CVE VULNERABILITY TITLE RISK
2021-03-22 CVE-2021-27594 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens manipulated Windows Bitmap (.BMP) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
local
low complexity
sap
3.3
2021-03-22 CVE-2021-27595 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens manipulated Portable Document Format (.PDF) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
local
low complexity
sap
3.3
2021-03-22 CVE-2021-27596 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens manipulated Autodesk 3D Studio for MS-DOS (.3DS) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
local
low complexity
sap
3.3
2021-03-09 CVE-2021-21493 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens manipulated Graphics Interchange Format (.GIF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
local
low complexity
sap
3.3
2021-03-09 CVE-2021-27584 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens manipulated PhotoShop Document (.PSD) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
local
low complexity
sap
3.3
2020-11-30 CVE-2020-6317 Information Exposure Through Log Files vulnerability in SAP Adaptive Server Enterprise 15.7/16.0
In certain situations, an attacker with regular user credentials and local access to an ASE cockpit installation can access sensitive information which appears in the installation log files.
low complexity
sap CWE-532
3.5
2020-11-10 CVE-2020-26807 Incorrect Default Permissions vulnerability in SAP ERP Client for E-Bilanz 1.0
SAP ERP Client for E-Bilanz, version - 1.0, installation sets Incorrect default filesystem permissions are set in its installation folder which allows anyone to modify the files in the folder.
local
low complexity
sap CWE-276
3.3
2020-07-14 CVE-2020-6280 Unspecified vulnerability in SAP Abap Platform and Netweaver Application Server Abap
SAP NetWeaver (ABAP Server) and ABAP Platform, versions 731, 740, 750, allows an attacker with admin privileges to access certain files which should otherwise be restricted, leading to Information Disclosure.
network
low complexity
sap
2.7
2020-03-10 CVE-2020-6197 Insufficient Session Expiration vulnerability in SAP Enable NOW 10/1902
SAP Enable Now, before version 1908, does not invalidate session tokens in a timely manner.
local
low complexity
sap CWE-613
3.3
2020-01-14 CVE-2020-6306 Missing Authorization vulnerability in SAP Leasing
Missing authorization check in a transaction within SAP Leasing (update provided in SAP_APPL 6.18, EA-APPL 6.0, 6.02, 6.03, 6.04, 6.05, 6.06, 6.16 and 6.17).
network
low complexity
sap CWE-862
2.7