Vulnerabilities > SAP > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-09-10 | CVE-2019-0353 | Unspecified vulnerability in SAP Business ONE Client 9.2/9.3 Under certain conditions SAP Business One client (B1_ON_HANA, SAP-M-BO), before versions 9.2 and 9.3, allows an attacker to access information which would otherwise be restricted. | 3.3 |
2019-06-12 | CVE-2019-0307 | Missing Encryption of Sensitive Data vulnerability in SAP Solution Manager 7.2 Diagnostics Agent in Solution Manager, version 7.2, stores several credentials such as SLD user connection as well as Solman user communication in the SAP Secure Storage file which is not encrypted by default. | 2.4 |
2018-12-11 | CVE-2018-2497 | Unspecified vulnerability in SAP Hana 1.0/2.0 The security audit log of SAP HANA, versions 1.0 and 2.0, does not log SELECT events if these events are part of a statement with the syntax CREATE TABLE <table_name> AS SELECT. | 2.7 |
2017-07-12 | CVE-2017-9843 | Unspecified vulnerability in SAP Netweaver Abap 7.40 SAP NetWeaver AS ABAP 7.40 allows remote authenticated users with certain privileges to cause a denial of service (process crash) via vectors involving disp+work.exe, aka SAP Security Note 2406841. | 2.7 |
2016-10-13 | CVE-2016-7437 | Unspecified vulnerability in SAP Netweaver 7.40 SAP Netweaver 7.40 improperly logs (1) DUI and (2) DUJ events in the SAP Security Audit Log as non-critical, which might allow local users to hide rejected attempts to execute RFC function callbacks by leveraging filtering of non-critical events in audit analysis reports, aka SAP Security Note 2252312. | 3.3 |