Vulnerabilities > SAP > Solution Manager > 740

DATE CVE VULNERABILITY TITLE RISK
2023-03-14 CVE-2023-27893 Unspecified vulnerability in SAP Solution Manager 740
An attacker authenticated as a user with a non-administrative role and a common remote execution authorization in SAP Solution Manager and ABAP managed systems (ST-PI) - versions 2088_1_700, 2008_1_710, 740, can use a vulnerable interface to execute an application function to perform actions which they would not normally be permitted to perform.  Depending on the function executed, the attack can read or modify any user or application data and can make the application unavailable.
network
low complexity
sap
8.8
2022-12-13 CVE-2022-41275 Open Redirect vulnerability in SAP Solution Manager 740/750
In SAP Solution Manager (Enterprise Search) - versions 740, and 750, an unauthenticated attacker can generate a link that, if clicked by a logged-in user, can be redirected to a malicious page that could read or modify sensitive information, or expose the user to a phishing attack, with little impact on confidentiality and integrity.
network
low complexity
sap CWE-601
6.1