Vulnerabilities > SAP > Low

DATE CVE VULNERABILITY TITLE RISK
2019-09-10 CVE-2019-0353 Unspecified vulnerability in SAP Business ONE Client 9.2/9.3
Under certain conditions SAP Business One client (B1_ON_HANA, SAP-M-BO), before versions 9.2 and 9.3, allows an attacker to access information which would otherwise be restricted.
local
low complexity
sap
3.3
2019-06-12 CVE-2019-0307 Missing Encryption of Sensitive Data vulnerability in SAP Solution Manager 7.2
Diagnostics Agent in Solution Manager, version 7.2, stores several credentials such as SLD user connection as well as Solman user communication in the SAP Secure Storage file which is not encrypted by default.
low complexity
sap CWE-311
2.4
2018-12-11 CVE-2018-2497 Unspecified vulnerability in SAP Hana 1.0/2.0
The security audit log of SAP HANA, versions 1.0 and 2.0, does not log SELECT events if these events are part of a statement with the syntax CREATE TABLE <table_name> AS SELECT.
network
low complexity
sap
2.7
2017-07-12 CVE-2017-9843 Unspecified vulnerability in SAP Netweaver Abap 7.40
SAP NetWeaver AS ABAP 7.40 allows remote authenticated users with certain privileges to cause a denial of service (process crash) via vectors involving disp+work.exe, aka SAP Security Note 2406841.
network
low complexity
sap
2.7
2016-10-13 CVE-2016-7437 Unspecified vulnerability in SAP Netweaver 7.40
SAP Netweaver 7.40 improperly logs (1) DUI and (2) DUJ events in the SAP Security Audit Log as non-critical, which might allow local users to hide rejected attempts to execute RFC function callbacks by leveraging filtering of non-critical events in audit analysis reports, aka SAP Security Note 2252312.
local
low complexity
sap
3.3