Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-45279 (GCVE-0-2024-45279)
Vulnerability from cvelistv5 – Published: 2024-09-10 04:29 – Updated: 2024-09-10 13:20
VLAI?
EPSS
Summary
Due to insufficient input validation, CRM Blueprint Application Builder Panel of SAP NetWeaver Application Server for ABAP allows an unauthenticated attacker to craft a URL link which could embed a malicious JavaScript. When a victim clicks on this link, the script will be executed in the victim's browser giving the attacker the ability to access and/or modify information with no effect on availability of the application.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | SAP NetWeaver Application Server for ABAP (CRM Blueprint Application Builder Panel) |
Affected:
700
Affected: 701 Affected: 702 Affected: 731 Affected: 740 Affected: 750 Affected: 751 Affected: 752 Affected: 75C Affected: 75D Affected: 75E Affected: 75F Affected: 75G Affected: 75H Affected: 75I |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-45279",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T13:20:24.409522Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T13:20:33.379Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP NetWeaver Application Server for ABAP (CRM Blueprint Application Builder Panel)",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "700"
},
{
"status": "affected",
"version": "701"
},
{
"status": "affected",
"version": "702"
},
{
"status": "affected",
"version": "731"
},
{
"status": "affected",
"version": "740"
},
{
"status": "affected",
"version": "750"
},
{
"status": "affected",
"version": "751"
},
{
"status": "affected",
"version": "752"
},
{
"status": "affected",
"version": "75C"
},
{
"status": "affected",
"version": "75D"
},
{
"status": "affected",
"version": "75E"
},
{
"status": "affected",
"version": "75F"
},
{
"status": "affected",
"version": "75G"
},
{
"status": "affected",
"version": "75H"
},
{
"status": "affected",
"version": "75I"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDue to insufficient input validation, CRM Blueprint Application Builder Panel of SAP NetWeaver Application Server for ABAP allows an unauthenticated attacker to craft a URL link which could embed a malicious JavaScript. When a victim clicks on this link, the script will be executed in the victim\u0027s browser giving the attacker the ability to access and/or modify information with no effect on availability of the application.\u003c/p\u003e"
}
],
"value": "Due to insufficient input validation, CRM Blueprint Application Builder Panel of SAP NetWeaver Application Server for ABAP allows an unauthenticated attacker to craft a URL link which could embed a malicious JavaScript. When a victim clicks on this link, the script will be executed in the victim\u0027s browser giving the attacker the ability to access and/or modify information with no effect on availability of the application."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T04:29:45.830Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3501359"
},
{
"url": "https://url.sap/sapsecuritypatchday"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server for ABAP (CRM Blueprint Application Builder Panel)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2024-45279",
"datePublished": "2024-09-10T04:29:45.830Z",
"dateReserved": "2024-08-26T10:39:20.932Z",
"dateUpdated": "2024-09-10T13:20:33.379Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"Due to insufficient input validation, CRM Blueprint Application Builder Panel of SAP NetWeaver Application Server for ABAP allows an unauthenticated attacker to craft a URL link which could embed a malicious JavaScript. When a victim clicks on this link, the script will be executed in the victim\u0027s browser giving the attacker the ability to access and/or modify information with no effect on availability of the application.\"}, {\"lang\": \"es\", \"value\": \"Debido a una validaci\\u00f3n de entrada insuficiente, el panel CRM Blueprint Application Builder de SAP NetWeaver Application Server para ABAP permite a un atacante no autenticado crear un enlace URL que podr\\u00eda incluir un c\\u00f3digo JavaScript malicioso. Cuando una v\\u00edctima hace clic en este enlace, el script se ejecuta en el navegador de la v\\u00edctima, lo que le da al atacante la posibilidad de acceder o modificar la informaci\\u00f3n sin afectar la disponibilidad de la aplicaci\\u00f3n.\"}]",
"id": "CVE-2024-45279",
"lastModified": "2024-09-10T12:09:50.377",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"cna@sap.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.7}]}",
"published": "2024-09-10T05:15:11.620",
"references": "[{\"url\": \"https://me.sap.com/notes/3501359\", \"source\": \"cna@sap.com\"}, {\"url\": \"https://url.sap/sapsecuritypatchday\", \"source\": \"cna@sap.com\"}]",
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": "[{\"source\": \"cna@sap.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-45279\",\"sourceIdentifier\":\"cna@sap.com\",\"published\":\"2024-09-10T05:15:11.620\",\"lastModified\":\"2024-09-10T12:09:50.377\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Due to insufficient input validation, CRM Blueprint Application Builder Panel of SAP NetWeaver Application Server for ABAP allows an unauthenticated attacker to craft a URL link which could embed a malicious JavaScript. When a victim clicks on this link, the script will be executed in the victim\u0027s browser giving the attacker the ability to access and/or modify information with no effect on availability of the application.\"},{\"lang\":\"es\",\"value\":\"Debido a una validaci\u00f3n de entrada insuficiente, el panel CRM Blueprint Application Builder de SAP NetWeaver Application Server para ABAP permite a un atacante no autenticado crear un enlace URL que podr\u00eda incluir un c\u00f3digo JavaScript malicioso. Cuando una v\u00edctima hace clic en este enlace, el script se ejecuta en el navegador de la v\u00edctima, lo que le da al atacante la posibilidad de acceder o modificar la informaci\u00f3n sin afectar la disponibilidad de la aplicaci\u00f3n.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cna@sap.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"cna@sap.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"references\":[{\"url\":\"https://me.sap.com/notes/3501359\",\"source\":\"cna@sap.com\"},{\"url\":\"https://url.sap/sapsecuritypatchday\",\"source\":\"cna@sap.com\"}]}}",
"vulnrichment": {
"containers": "{\"cna\": {\"affected\": [{\"defaultStatus\": \"unaffected\", \"product\": \"SAP NetWeaver Application Server for ABAP (CRM Blueprint Application Builder Panel)\", \"vendor\": \"SAP_SE\", \"versions\": [{\"status\": \"affected\", \"version\": \"700\"}, {\"status\": \"affected\", \"version\": \"701\"}, {\"status\": \"affected\", \"version\": \"702\"}, {\"status\": \"affected\", \"version\": \"731\"}, {\"status\": \"affected\", \"version\": \"740\"}, {\"status\": \"affected\", \"version\": \"750\"}, {\"status\": \"affected\", \"version\": \"751\"}, {\"status\": \"affected\", \"version\": \"752\"}, {\"status\": \"affected\", \"version\": \"75C\"}, {\"status\": \"affected\", \"version\": \"75D\"}, {\"status\": \"affected\", \"version\": \"75E\"}, {\"status\": \"affected\", \"version\": \"75F\"}, {\"status\": \"affected\", \"version\": \"75G\"}, {\"status\": \"affected\", \"version\": \"75H\"}, {\"status\": \"affected\", \"version\": \"75I\"}]}], \"descriptions\": [{\"lang\": \"en\", \"supportingMedia\": [{\"base64\": false, \"type\": \"text/html\", \"value\": \"\u003cp\u003eDue to insufficient input validation, CRM Blueprint Application Builder Panel of SAP NetWeaver Application Server for ABAP allows an unauthenticated attacker to craft a URL link which could embed a malicious JavaScript. When a victim clicks on this link, the script will be executed in the victim\u0027s browser giving the attacker the ability to access and/or modify information with no effect on availability of the application.\u003c/p\u003e\"}], \"value\": \"Due to insufficient input validation, CRM Blueprint Application Builder Panel of SAP NetWeaver Application Server for ABAP allows an unauthenticated attacker to craft a URL link which could embed a malicious JavaScript. When a victim clicks on this link, the script will be executed in the victim\u0027s browser giving the attacker the ability to access and/or modify information with no effect on availability of the application.\"}], \"metrics\": [{\"cvssV3_1\": {\"attackComplexity\": \"LOW\", \"attackVector\": \"NETWORK\", \"availabilityImpact\": \"NONE\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"scope\": \"CHANGED\", \"userInteraction\": \"REQUIRED\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"version\": \"3.1\"}, \"format\": \"CVSS\", \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-79\", \"description\": \"CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\", \"lang\": \"eng\", \"type\": \"CWE\"}]}], \"providerMetadata\": {\"orgId\": \"e4686d1a-f260-4930-ac4c-2f5c992778dd\", \"shortName\": \"sap\", \"dateUpdated\": \"2024-09-10T04:29:45.830Z\"}, \"references\": [{\"url\": \"https://me.sap.com/notes/3501359\"}, {\"url\": \"https://url.sap/sapsecuritypatchday\"}], \"source\": {\"discovery\": \"UNKNOWN\"}, \"title\": \"Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server for ABAP (CRM Blueprint Application Builder Panel)\", \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}}, \"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-45279\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-10T13:20:24.409522Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-10T13:20:29.958Z\"}}]}",
"cveMetadata": "{\"cveId\": \"CVE-2024-45279\", \"assignerOrgId\": \"e4686d1a-f260-4930-ac4c-2f5c992778dd\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"sap\", \"dateReserved\": \"2024-08-26T10:39:20.932Z\", \"datePublished\": \"2024-09-10T04:29:45.830Z\", \"dateUpdated\": \"2024-09-10T13:20:33.379Z\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
WID-SEC-W-2024-2086
Vulnerability from csaf_certbund - Published: 2024-09-09 22:00 - Updated: 2024-09-09 22:00Summary
SAP Patchday September 2024
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
SAP stellt unternehmensweite Lösungen für Geschäftsprozesse wie Buchführung, Vertrieb, Einkauf und Lagerhaltung zur Verfügung.
Angriff
Ein Angreifer kann mehrere Schwachstellen in SAP Software ausnutzen, um seine Privilegien zu erhöhen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
- Sonstiges
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "SAP stellt unternehmensweite L\u00f6sungen f\u00fcr Gesch\u00e4ftsprozesse wie Buchf\u00fchrung, Vertrieb, Einkauf und Lagerhaltung zur Verf\u00fcgung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in SAP Software ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-2086 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-2086.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-2086 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2086"
},
{
"category": "external",
"summary": "SAP Security Patch Day \u2013 September 2024 vom 2024-09-09",
"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/september-2024.html"
}
],
"source_lang": "en-US",
"title": "SAP Patchday September 2024",
"tracking": {
"current_release_date": "2024-09-09T22:00:00.000+00:00",
"generator": {
"date": "2024-09-10T10:03:41.307+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.6"
}
},
"id": "WID-SEC-W-2024-2086",
"initial_release_date": "2024-09-09T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-09-09T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "SAP Software",
"product": {
"name": "SAP Software",
"product_id": "T031077",
"product_identification_helper": {
"cpe": "cpe:/a:sap:sap:-"
}
}
}
],
"category": "vendor",
"name": "SAP"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-3587",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2013-3587"
},
{
"cve": "CVE-2022-0778",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2022-0778"
},
{
"cve": "CVE-2023-0215",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2023-0215"
},
{
"cve": "CVE-2023-0286",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2023-0286"
},
{
"cve": "CVE-2024-33003",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-33003"
},
{
"cve": "CVE-2024-41728",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-41728"
},
{
"cve": "CVE-2024-41729",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-41729"
},
{
"cve": "CVE-2024-41730",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-41730"
},
{
"cve": "CVE-2024-42371",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-42371"
},
{
"cve": "CVE-2024-42378",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-42378"
},
{
"cve": "CVE-2024-42380",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-42380"
},
{
"cve": "CVE-2024-44112",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-44112"
},
{
"cve": "CVE-2024-44113",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-44113"
},
{
"cve": "CVE-2024-44114",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-44114"
},
{
"cve": "CVE-2024-44115",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-44115"
},
{
"cve": "CVE-2024-44116",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-44116"
},
{
"cve": "CVE-2024-44117",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-44117"
},
{
"cve": "CVE-2024-44120",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-44120"
},
{
"cve": "CVE-2024-44121",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-44121"
},
{
"cve": "CVE-2024-45279",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-45279"
},
{
"cve": "CVE-2024-45280",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-45280"
},
{
"cve": "CVE-2024-45281",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-45281"
},
{
"cve": "CVE-2024-45283",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-45283"
},
{
"cve": "CVE-2024-45284",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-45284"
},
{
"cve": "CVE-2024-45285",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-45285"
},
{
"cve": "CVE-2024-45286",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-45286"
}
]
}
NCSC-2024-0378
Vulnerability from csaf_ncscnl - Published: 2024-09-19 11:37 - Updated: 2024-09-19 11:37Summary
Kwetsbaarheden verholpen in SAP producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
SAP heeft kwetsbaarheden verholpen in diverse producten, zoals SAP, Business Warehouse, NetWeaver, HANA, Business Objects en Commerce.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Cross-Site Scripting (XSS)
- Omzeilen van authenticatie
- Omzeilen van beveiligingsmaatregel
- Uitvoer van willekeurige code (gebruikersrechten)
- Toegang tot gevoelige gegevens
Oplossingen
SAP heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-359
Exposure of Private Personal Information to an Unauthorized Actor
CWE-213
Exposure of Sensitive Information Due to Incompatible Policies
CWE-426
Untrusted Search Path
CWE-256
Plaintext Storage of a Password
CWE-325
Missing Cryptographic Step
CWE-862
Missing Authorization
CWE-863
Incorrect Authorization
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "SAP heeft kwetsbaarheden verholpen in diverse producten, zoals SAP, Business Warehouse, NetWeaver, HANA, Business Objects en Commerce.",
"title": "Feiten"
},
{
"category": "description",
"text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Cross-Site Scripting (XSS)\n- Omzeilen van authenticatie\n- Omzeilen van beveiligingsmaatregel\n- Uitvoer van willekeurige code (gebruikersrechten)\n- Toegang tot gevoelige gegevens",
"title": "Interpretaties"
},
{
"category": "description",
"text": "SAP heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Exposure of Private Personal Information to an Unauthorized Actor",
"title": "CWE-359"
},
{
"category": "general",
"text": "Exposure of Sensitive Information Due to Incompatible Policies",
"title": "CWE-213"
},
{
"category": "general",
"text": "Untrusted Search Path",
"title": "CWE-426"
},
{
"category": "general",
"text": "Plaintext Storage of a Password",
"title": "CWE-256"
},
{
"category": "general",
"text": "Missing Cryptographic Step",
"title": "CWE-325"
},
{
"category": "general",
"text": "Missing Authorization",
"title": "CWE-862"
},
{
"category": "general",
"text": "Incorrect Authorization",
"title": "CWE-863"
},
{
"category": "general",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Source - sap",
"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/september-2024.html"
}
],
"title": "Kwetsbaarheden verholpen in SAP producten",
"tracking": {
"current_release_date": "2024-09-19T11:37:39.757598Z",
"id": "NCSC-2024-0378",
"initial_release_date": "2024-09-19T11:37:39.757598Z",
"revision_history": [
{
"date": "2024-09-19T11:37:39.757598Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1637389",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:dw4core_200:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1637390",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:dw4core_300:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1637391",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:dw4core_400:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496469",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_700:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496470",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_701:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496471",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_702:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496473",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_731:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496474",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_740:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496475",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_750:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496476",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_751:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496477",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_752:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496478",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_753:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496479",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_754:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496480",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_755:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496481",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_756:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496482",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_757:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496483",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_758:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "businessobjects_business_intelligence_platform",
"product": {
"name": "businessobjects_business_intelligence_platform",
"product_id": "CSAFPID-55202",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:businessobjects_business_intelligence_platform:430:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "commerce_cloud",
"product": {
"name": "commerce_cloud",
"product_id": "CSAFPID-382448",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:commerce_cloud:2211:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-173007",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:700:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-173009",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:701:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-173010",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:702:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-173004",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:731:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-74446",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:740:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-74448",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:750:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-74436",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:751:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-74454",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:752:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-74442",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:753:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-74453",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:754:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-74434",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:755:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-74449",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:756:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-74432",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:757:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-340930",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:758:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-1637232",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:912:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1262156",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:700:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1262157",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:701:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1262158",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:702:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1262162",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:731:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1262163",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:740:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1262164",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:750:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1262165",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:751:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1262166",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:752:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1637253",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:75c:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1637250",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:75d:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1637252",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:75e:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1637255",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:75f:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1637254",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:75g:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1637256",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:75h:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1637251",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:75i:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_as_for_java",
"product": {
"name": "netweaver_as_for_java",
"product_id": "CSAFPID-164614",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_as_for_java:7.50:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_as_java",
"product": {
"name": "netweaver_as_java",
"product_id": "CSAFPID-837776",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_as_java:7.50:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637280",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:dw4core_200:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637282",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:dw4core_300:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637278",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:dw4core_400:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637283",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_700:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637284",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_701:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637276",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_702:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637274",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_731:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637287",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_740:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637281",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_750:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637279",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_751:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637273",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_752:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637275",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_753:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637285",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_754:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637288",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_755:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637286",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_756:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637277",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_757:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637272",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_758:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_enterprise_portal",
"product": {
"name": "netweaver_enterprise_portal",
"product_id": "CSAFPID-55577",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_enterprise_portal:7.50:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642792",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:600:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642793",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:602:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642794",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:603:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642795",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:604:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642796",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:605:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642797",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:606:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642798",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:617:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642799",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:618:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642800",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:800:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642801",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:802:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642802",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:803:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642803",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:804:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642804",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:805:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642805",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:806:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642806",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:807:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637374",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:600:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637375",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:602:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637376",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:603:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637377",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:604:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637378",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:605:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637379",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:606:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637380",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:617:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637381",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:618:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637382",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:800:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637383",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:802:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637384",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:803:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637385",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:804:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637386",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:805:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637387",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:806:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637388",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:807:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637261",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:is-pra_605:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637260",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:is-pra_606:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637267",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:is-pra_616:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637266",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:is-pra_617:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637263",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:is-pra_618:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637264",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:is-pra_800:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637265",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:is-pra_801:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637262",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:is-pra_802:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637259",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:is-pra_803:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637257",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:is-pra_804:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637268",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:is-pra_805:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637258",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:s4cext_106:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637270",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:s4cext_107:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637269",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:s4cext_108:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap",
"product": {
"name": "sap",
"product_id": "CSAFPID-1498297",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:sap:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "student_life_cycle_management",
"product": {
"name": "student_life_cycle_management",
"product_id": "CSAFPID-1614510",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:student_life_cycle_management:617:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "student_life_cycle_management",
"product": {
"name": "student_life_cycle_management",
"product_id": "CSAFPID-1475930",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:student_life_cycle_management:618:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "student_life_cycle_management",
"product": {
"name": "student_life_cycle_management",
"product_id": "CSAFPID-1637289",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:student_life_cycle_management:800:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "student_life_cycle_management",
"product": {
"name": "student_life_cycle_management",
"product_id": "CSAFPID-1475932",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:student_life_cycle_management:802:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "student_life_cycle_management",
"product": {
"name": "student_life_cycle_management",
"product_id": "CSAFPID-1475933",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:student_life_cycle_management:803:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "student_life_cycle_management",
"product": {
"name": "student_life_cycle_management",
"product_id": "CSAFPID-1475927",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:student_life_cycle_management:804:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "student_life_cycle_management",
"product": {
"name": "student_life_cycle_management",
"product_id": "CSAFPID-1475931",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:student_life_cycle_management:805:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "student_life_cycle_management",
"product": {
"name": "student_life_cycle_management",
"product_id": "CSAFPID-1475928",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:student_life_cycle_management:806:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "student_life_cycle_management",
"product": {
"name": "student_life_cycle_management",
"product_id": "CSAFPID-1475934",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:student_life_cycle_management:807:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "student_life_cycle_management",
"product": {
"name": "student_life_cycle_management",
"product_id": "CSAFPID-1475929",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:student_life_cycle_management:808:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "sap"
},
{
"branches": [
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637073",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:dw4core_200:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637074",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:dw4core_300:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637075",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:dw4core_400:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637076",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_700:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637077",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_701:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637078",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_702:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637079",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_731:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637080",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_740:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637081",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_750:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637082",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_751:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637083",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_752:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637084",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_753:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637085",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_754:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637086",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_755:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637087",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_756:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637088",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_757:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637089",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_758:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_businessobjects_business_intelligence_platform",
"product": {
"name": "sap_businessobjects_business_intelligence_platform",
"product_id": "CSAFPID-1464457",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_businessobjects_business_intelligence_platform:430:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637153",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:600:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637154",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:602:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637155",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:603:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637156",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:604:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637157",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:605:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637158",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:606:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637159",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:617:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637160",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:618:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637161",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:800:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637162",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:802:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637163",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:803:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637164",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:804:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637165",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:805:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637166",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:806:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637167",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:807:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637137",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:700:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637138",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:701:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637139",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:702:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637140",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:731:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637141",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:740:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637142",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:750:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637143",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:751:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637144",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:752:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637145",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:75c:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637146",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:75d:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637147",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:75e:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637148",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:75f:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637149",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:75g:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637150",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:75h:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637151",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:75i:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1559119",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:700:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1559120",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:701:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1559121",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:702:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1559125",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:731:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1559126",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:740:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1559127",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:750:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1559128",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:751:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1559129",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:752:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1559130",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:753:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1559131",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:754:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1559132",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:755:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1559133",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:756:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1637090",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:757:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1637091",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:758:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1637092",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:912:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_as_for_java__destination_service_",
"product": {
"name": "sap_netweaver_as_for_java__destination_service_",
"product_id": "CSAFPID-1637194",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_as_for_java__destination_service_:7.50:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_as_java__logon_application_",
"product": {
"name": "sap_netweaver_as_java__logon_application_",
"product_id": "CSAFPID-1637152",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_as_java__logon_application_:7.50:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637093",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:dw4core_200:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637094",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:dw4core_300:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637095",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:dw4core_400:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637096",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_700:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637097",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_701:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637098",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_702:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637099",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_731:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637100",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_740:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637101",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_750:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637102",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_751:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637103",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_752:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637104",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_753:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637105",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_754:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637106",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_755:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637107",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_756:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637108",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_757:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637109",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_758:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_enterprise_portal",
"product": {
"name": "sap_netweaver_enterprise_portal",
"product_id": "CSAFPID-1550602",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_enterprise_portal:7.50:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637171",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:is-pra_605:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637172",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:is-pra_606:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637173",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:is-pra_616:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637174",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:is-pra_617:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637175",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:is-pra_618:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637176",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:is-pra_800:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637177",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:is-pra_801:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637178",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:is-pra_802:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637179",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:is-pra_803:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637180",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:is-pra_804:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637181",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:is-pra_805:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637168",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:s4cext_106:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637169",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:s4cext_107:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637170",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:s4cext_108:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_s_4_hana__statutory_reports_",
"product": {
"name": "sap_s_4_hana__statutory_reports_",
"product_id": "CSAFPID-1637136",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_s_4_hana__statutory_reports_:900:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_s_4hana_eprocurement",
"product": {
"name": "sap_s_4hana_eprocurement",
"product_id": "CSAFPID-1637113",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_s_4hana_eprocurement:s4core_102:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_s_4hana_eprocurement",
"product": {
"name": "sap_s_4hana_eprocurement",
"product_id": "CSAFPID-1637114",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_s_4hana_eprocurement:s4core_103:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_s_4hana_eprocurement",
"product": {
"name": "sap_s_4hana_eprocurement",
"product_id": "CSAFPID-1637115",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_s_4hana_eprocurement:s4core_104:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_s_4hana_eprocurement",
"product": {
"name": "sap_s_4hana_eprocurement",
"product_id": "CSAFPID-1637116",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_s_4hana_eprocurement:s4core_105:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_s_4hana_eprocurement",
"product": {
"name": "sap_s_4hana_eprocurement",
"product_id": "CSAFPID-1637117",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_s_4hana_eprocurement:s4core_106:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_s_4hana_eprocurement",
"product": {
"name": "sap_s_4hana_eprocurement",
"product_id": "CSAFPID-1637118",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_s_4hana_eprocurement:s4core_107:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_s_4hana_eprocurement",
"product": {
"name": "sap_s_4hana_eprocurement",
"product_id": "CSAFPID-1637119",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_s_4hana_eprocurement:s4core_108:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_s_4hana_eprocurement",
"product": {
"name": "sap_s_4hana_eprocurement",
"product_id": "CSAFPID-1637110",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_s_4hana_eprocurement:sap_appl_606:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_s_4hana_eprocurement",
"product": {
"name": "sap_s_4hana_eprocurement",
"product_id": "CSAFPID-1637111",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_s_4hana_eprocurement:sap_appl_617:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_s_4hana_eprocurement",
"product": {
"name": "sap_s_4hana_eprocurement",
"product_id": "CSAFPID-1637112",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_s_4hana_eprocurement:sap_appl_618:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_student_life_cycle_management__slcm_",
"product": {
"name": "sap_student_life_cycle_management__slcm_",
"product_id": "CSAFPID-1614213",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_student_life_cycle_management__slcm_:617:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_student_life_cycle_management__slcm_",
"product": {
"name": "sap_student_life_cycle_management__slcm_",
"product_id": "CSAFPID-1614214",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_student_life_cycle_management__slcm_:618:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_student_life_cycle_management__slcm_",
"product": {
"name": "sap_student_life_cycle_management__slcm_",
"product_id": "CSAFPID-1637190",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_student_life_cycle_management__slcm_:800:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_student_life_cycle_management__slcm_",
"product": {
"name": "sap_student_life_cycle_management__slcm_",
"product_id": "CSAFPID-1614215",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_student_life_cycle_management__slcm_:802:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_student_life_cycle_management__slcm_",
"product": {
"name": "sap_student_life_cycle_management__slcm_",
"product_id": "CSAFPID-1614216",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_student_life_cycle_management__slcm_:803:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_student_life_cycle_management__slcm_",
"product": {
"name": "sap_student_life_cycle_management__slcm_",
"product_id": "CSAFPID-1614217",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_student_life_cycle_management__slcm_:804:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_student_life_cycle_management__slcm_",
"product": {
"name": "sap_student_life_cycle_management__slcm_",
"product_id": "CSAFPID-1614218",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_student_life_cycle_management__slcm_:805:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_student_life_cycle_management__slcm_",
"product": {
"name": "sap_student_life_cycle_management__slcm_",
"product_id": "CSAFPID-1614219",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_student_life_cycle_management__slcm_:806:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_student_life_cycle_management__slcm_",
"product": {
"name": "sap_student_life_cycle_management__slcm_",
"product_id": "CSAFPID-1614220",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_student_life_cycle_management__slcm_:807:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_student_life_cycle_management__slcm_",
"product": {
"name": "sap_student_life_cycle_management__slcm_",
"product_id": "CSAFPID-1614221",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_student_life_cycle_management__slcm_:808:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "sap_se"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-3587",
"cwe": {
"id": "CWE-325",
"name": "Missing Cryptographic Step"
},
"notes": [
{
"category": "other",
"text": "Missing Cryptographic Step",
"title": "CWE-325"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1498297",
"CSAFPID-382448"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2013-3587",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2013/CVE-2013-3587.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1498297",
"CSAFPID-382448"
]
}
],
"title": "CVE-2013-3587"
},
{
"cve": "CVE-2024-41728",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173007",
"CSAFPID-173009",
"CSAFPID-173010",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74448",
"CSAFPID-74436",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-74453",
"CSAFPID-74434",
"CSAFPID-74449",
"CSAFPID-74432",
"CSAFPID-340930",
"CSAFPID-1637232",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-41728",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41728.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173007",
"CSAFPID-173009",
"CSAFPID-173010",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74448",
"CSAFPID-74436",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-74453",
"CSAFPID-74434",
"CSAFPID-74449",
"CSAFPID-74432",
"CSAFPID-340930",
"CSAFPID-1637232",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-41728"
},
{
"cve": "CVE-2024-41729",
"cwe": {
"id": "CWE-359",
"name": "Exposure of Private Personal Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Private Personal Information to an Unauthorized Actor",
"title": "CWE-359"
},
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1637093",
"CSAFPID-1637094",
"CSAFPID-1637095",
"CSAFPID-1637096",
"CSAFPID-1637097",
"CSAFPID-1637098",
"CSAFPID-1637099",
"CSAFPID-1637100",
"CSAFPID-1637101",
"CSAFPID-1637102",
"CSAFPID-1637103",
"CSAFPID-1637104",
"CSAFPID-1637105",
"CSAFPID-1637106",
"CSAFPID-1637107",
"CSAFPID-1637108",
"CSAFPID-1637109",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-41729",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41729.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1637093",
"CSAFPID-1637094",
"CSAFPID-1637095",
"CSAFPID-1637096",
"CSAFPID-1637097",
"CSAFPID-1637098",
"CSAFPID-1637099",
"CSAFPID-1637100",
"CSAFPID-1637101",
"CSAFPID-1637102",
"CSAFPID-1637103",
"CSAFPID-1637104",
"CSAFPID-1637105",
"CSAFPID-1637106",
"CSAFPID-1637107",
"CSAFPID-1637108",
"CSAFPID-1637109",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-41729"
},
{
"cve": "CVE-2024-42371",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173007",
"CSAFPID-173009",
"CSAFPID-173010",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74448",
"CSAFPID-74436",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-74453",
"CSAFPID-74434",
"CSAFPID-74449",
"CSAFPID-74432",
"CSAFPID-340930",
"CSAFPID-1637232",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-42371",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42371.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173007",
"CSAFPID-173009",
"CSAFPID-173010",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74448",
"CSAFPID-74436",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-74453",
"CSAFPID-74434",
"CSAFPID-74449",
"CSAFPID-74432",
"CSAFPID-340930",
"CSAFPID-1637232",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-42371"
},
{
"cve": "CVE-2024-42378",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1637110",
"CSAFPID-1637111",
"CSAFPID-1637112",
"CSAFPID-1637113",
"CSAFPID-1637114",
"CSAFPID-1637115",
"CSAFPID-1637116",
"CSAFPID-1637117",
"CSAFPID-1637118",
"CSAFPID-1637119",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-42378",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42378.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1637110",
"CSAFPID-1637111",
"CSAFPID-1637112",
"CSAFPID-1637113",
"CSAFPID-1637114",
"CSAFPID-1637115",
"CSAFPID-1637116",
"CSAFPID-1637117",
"CSAFPID-1637118",
"CSAFPID-1637119",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-42378"
},
{
"cve": "CVE-2024-42380",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74432",
"CSAFPID-173009",
"CSAFPID-340930",
"CSAFPID-173010",
"CSAFPID-74448",
"CSAFPID-74449",
"CSAFPID-74434",
"CSAFPID-1637232",
"CSAFPID-173007",
"CSAFPID-74436",
"CSAFPID-74453",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-42380",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42380.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74432",
"CSAFPID-173009",
"CSAFPID-340930",
"CSAFPID-173010",
"CSAFPID-74448",
"CSAFPID-74449",
"CSAFPID-74434",
"CSAFPID-1637232",
"CSAFPID-173007",
"CSAFPID-74436",
"CSAFPID-74453",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-42380"
},
{
"cve": "CVE-2024-44112",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1637153",
"CSAFPID-1637154",
"CSAFPID-1637155",
"CSAFPID-1637156",
"CSAFPID-1637157",
"CSAFPID-1637158",
"CSAFPID-1637159",
"CSAFPID-1637160",
"CSAFPID-1637161",
"CSAFPID-1637162",
"CSAFPID-1637163",
"CSAFPID-1637164",
"CSAFPID-1637165",
"CSAFPID-1637166",
"CSAFPID-1637167",
"CSAFPID-1498297",
"CSAFPID-1642792",
"CSAFPID-1642793",
"CSAFPID-1642794",
"CSAFPID-1642795",
"CSAFPID-1642796",
"CSAFPID-1642797",
"CSAFPID-1642798",
"CSAFPID-1642799",
"CSAFPID-1642800",
"CSAFPID-1642801",
"CSAFPID-1642802",
"CSAFPID-1642803",
"CSAFPID-1642804",
"CSAFPID-1642805",
"CSAFPID-1642806"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44112",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44112.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1637153",
"CSAFPID-1637154",
"CSAFPID-1637155",
"CSAFPID-1637156",
"CSAFPID-1637157",
"CSAFPID-1637158",
"CSAFPID-1637159",
"CSAFPID-1637160",
"CSAFPID-1637161",
"CSAFPID-1637162",
"CSAFPID-1637163",
"CSAFPID-1637164",
"CSAFPID-1637165",
"CSAFPID-1637166",
"CSAFPID-1637167",
"CSAFPID-1498297",
"CSAFPID-1642792",
"CSAFPID-1642793",
"CSAFPID-1642794",
"CSAFPID-1642795",
"CSAFPID-1642796",
"CSAFPID-1642797",
"CSAFPID-1642798",
"CSAFPID-1642799",
"CSAFPID-1642800",
"CSAFPID-1642801",
"CSAFPID-1642802",
"CSAFPID-1642803",
"CSAFPID-1642804",
"CSAFPID-1642805",
"CSAFPID-1642806"
]
}
],
"title": "CVE-2024-44112"
},
{
"cve": "CVE-2024-44113",
"cwe": {
"id": "CWE-359",
"name": "Exposure of Private Personal Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Private Personal Information to an Unauthorized Actor",
"title": "CWE-359"
},
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1637073",
"CSAFPID-1637074",
"CSAFPID-1637075",
"CSAFPID-1637076",
"CSAFPID-1637077",
"CSAFPID-1637078",
"CSAFPID-1637079",
"CSAFPID-1637080",
"CSAFPID-1637081",
"CSAFPID-1637082",
"CSAFPID-1637083",
"CSAFPID-1637084",
"CSAFPID-1637085",
"CSAFPID-1637086",
"CSAFPID-1637087",
"CSAFPID-1637088",
"CSAFPID-1637089",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44113",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44113.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1637073",
"CSAFPID-1637074",
"CSAFPID-1637075",
"CSAFPID-1637076",
"CSAFPID-1637077",
"CSAFPID-1637078",
"CSAFPID-1637079",
"CSAFPID-1637080",
"CSAFPID-1637081",
"CSAFPID-1637082",
"CSAFPID-1637083",
"CSAFPID-1637084",
"CSAFPID-1637085",
"CSAFPID-1637086",
"CSAFPID-1637087",
"CSAFPID-1637088",
"CSAFPID-1637089",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-44113"
},
{
"cve": "CVE-2024-44114",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"notes": [
{
"category": "other",
"text": "Incorrect Authorization",
"title": "CWE-863"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173010",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74448",
"CSAFPID-74436",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-74453",
"CSAFPID-74434",
"CSAFPID-74449",
"CSAFPID-74432",
"CSAFPID-340930",
"CSAFPID-1637232",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44114",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44114.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173010",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74448",
"CSAFPID-74436",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-74453",
"CSAFPID-74434",
"CSAFPID-74449",
"CSAFPID-74432",
"CSAFPID-340930",
"CSAFPID-1637232",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-44114"
},
{
"cve": "CVE-2024-44115",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74432",
"CSAFPID-173009",
"CSAFPID-340930",
"CSAFPID-173010",
"CSAFPID-74448",
"CSAFPID-74449",
"CSAFPID-74434",
"CSAFPID-1637232",
"CSAFPID-173007",
"CSAFPID-74436",
"CSAFPID-74453",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44115",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44115.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74432",
"CSAFPID-173009",
"CSAFPID-340930",
"CSAFPID-173010",
"CSAFPID-74448",
"CSAFPID-74449",
"CSAFPID-74434",
"CSAFPID-1637232",
"CSAFPID-173007",
"CSAFPID-74436",
"CSAFPID-74453",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-44115"
},
{
"cve": "CVE-2024-44116",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74432",
"CSAFPID-173009",
"CSAFPID-340930",
"CSAFPID-173010",
"CSAFPID-74448",
"CSAFPID-74449",
"CSAFPID-74434",
"CSAFPID-1637232",
"CSAFPID-173007",
"CSAFPID-74436",
"CSAFPID-74453",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44116",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44116.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74432",
"CSAFPID-173009",
"CSAFPID-340930",
"CSAFPID-173010",
"CSAFPID-74448",
"CSAFPID-74449",
"CSAFPID-74434",
"CSAFPID-1637232",
"CSAFPID-173007",
"CSAFPID-74436",
"CSAFPID-74453",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-44116"
},
{
"cve": "CVE-2024-44117",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173007",
"CSAFPID-173009",
"CSAFPID-173010",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74448",
"CSAFPID-74436",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-74453",
"CSAFPID-74434",
"CSAFPID-74449",
"CSAFPID-74432",
"CSAFPID-340930",
"CSAFPID-1637232",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44117",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44117.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173007",
"CSAFPID-173009",
"CSAFPID-173010",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74448",
"CSAFPID-74436",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-74453",
"CSAFPID-74434",
"CSAFPID-74449",
"CSAFPID-74432",
"CSAFPID-340930",
"CSAFPID-1637232",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-44117"
},
{
"cve": "CVE-2024-44120",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1550602",
"CSAFPID-55577",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44120",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44120.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1550602",
"CSAFPID-55577",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-44120"
},
{
"cve": "CVE-2024-44121",
"cwe": {
"id": "CWE-213",
"name": "Exposure of Sensitive Information Due to Incompatible Policies"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information Due to Incompatible Policies",
"title": "CWE-213"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1637136",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44121",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44121.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1637136",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-44121"
},
{
"cve": "CVE-2024-45279",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1637137",
"CSAFPID-1637138",
"CSAFPID-1637139",
"CSAFPID-1637140",
"CSAFPID-1637141",
"CSAFPID-1637142",
"CSAFPID-1637143",
"CSAFPID-1637144",
"CSAFPID-1637145",
"CSAFPID-1637146",
"CSAFPID-1637147",
"CSAFPID-1637148",
"CSAFPID-1637149",
"CSAFPID-1637150",
"CSAFPID-1637151",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45279",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45279.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1637137",
"CSAFPID-1637138",
"CSAFPID-1637139",
"CSAFPID-1637140",
"CSAFPID-1637141",
"CSAFPID-1637142",
"CSAFPID-1637143",
"CSAFPID-1637144",
"CSAFPID-1637145",
"CSAFPID-1637146",
"CSAFPID-1637147",
"CSAFPID-1637148",
"CSAFPID-1637149",
"CSAFPID-1637150",
"CSAFPID-1637151",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-45279"
},
{
"cve": "CVE-2024-45280",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1637152",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45280",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45280.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1637152",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-45280"
},
{
"cve": "CVE-2024-45281",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"notes": [
{
"category": "other",
"text": "Untrusted Search Path",
"title": "CWE-426"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1464457",
"CSAFPID-55202",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45281",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45281.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1464457",
"CSAFPID-55202",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-45281"
},
{
"cve": "CVE-2024-45283",
"cwe": {
"id": "CWE-256",
"name": "Plaintext Storage of a Password"
},
"notes": [
{
"category": "other",
"text": "Plaintext Storage of a Password",
"title": "CWE-256"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1637194",
"CSAFPID-164614",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45283",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45283.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1637194",
"CSAFPID-164614",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-45283"
},
{
"cve": "CVE-2024-45284",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1614213",
"CSAFPID-1614214",
"CSAFPID-1637190",
"CSAFPID-1614215",
"CSAFPID-1614216",
"CSAFPID-1614217",
"CSAFPID-1614218",
"CSAFPID-1614219",
"CSAFPID-1614220",
"CSAFPID-1614221",
"CSAFPID-1614510",
"CSAFPID-1475927",
"CSAFPID-1475928",
"CSAFPID-1475929",
"CSAFPID-1475930",
"CSAFPID-1475931",
"CSAFPID-1475932",
"CSAFPID-1475933",
"CSAFPID-1475934",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45284",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45284.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-1614213",
"CSAFPID-1614214",
"CSAFPID-1637190",
"CSAFPID-1614215",
"CSAFPID-1614216",
"CSAFPID-1614217",
"CSAFPID-1614218",
"CSAFPID-1614219",
"CSAFPID-1614220",
"CSAFPID-1614221",
"CSAFPID-1614510",
"CSAFPID-1475927",
"CSAFPID-1475928",
"CSAFPID-1475929",
"CSAFPID-1475930",
"CSAFPID-1475931",
"CSAFPID-1475932",
"CSAFPID-1475933",
"CSAFPID-1475934",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-45284"
},
{
"cve": "CVE-2024-45285",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173007",
"CSAFPID-173009",
"CSAFPID-173010",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74448",
"CSAFPID-74436",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-74453",
"CSAFPID-74434",
"CSAFPID-74449",
"CSAFPID-74432",
"CSAFPID-340930",
"CSAFPID-1637232",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45285",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45285.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173007",
"CSAFPID-173009",
"CSAFPID-173010",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74448",
"CSAFPID-74436",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-74453",
"CSAFPID-74434",
"CSAFPID-74449",
"CSAFPID-74432",
"CSAFPID-340930",
"CSAFPID-1637232",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-45285"
},
{
"cve": "CVE-2024-45286",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1637168",
"CSAFPID-1637169",
"CSAFPID-1637170",
"CSAFPID-1637171",
"CSAFPID-1637172",
"CSAFPID-1637173",
"CSAFPID-1637174",
"CSAFPID-1637175",
"CSAFPID-1637176",
"CSAFPID-1637177",
"CSAFPID-1637178",
"CSAFPID-1637179",
"CSAFPID-1637180",
"CSAFPID-1637181",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45286",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45286.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1637168",
"CSAFPID-1637169",
"CSAFPID-1637170",
"CSAFPID-1637171",
"CSAFPID-1637172",
"CSAFPID-1637173",
"CSAFPID-1637174",
"CSAFPID-1637175",
"CSAFPID-1637176",
"CSAFPID-1637177",
"CSAFPID-1637178",
"CSAFPID-1637179",
"CSAFPID-1637180",
"CSAFPID-1637181",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-45286"
}
]
}
GHSA-FC6C-MJWQ-F62W
Vulnerability from github – Published: 2024-09-10 06:30 – Updated: 2024-09-10 06:30
VLAI?
Details
Due to insufficient input validation, CRM Blueprint Application Builder Panel of SAP NetWeaver Application Server for ABAP allows an unauthenticated attacker to craft a URL link which could embed a malicious JavaScript. When a victim clicks on this link, the script will be executed in the victim's browser giving the attacker the ability to access and/or modify information with no effect on availability of the application.
Severity ?
6.1 (Medium)
{
"affected": [],
"aliases": [
"CVE-2024-45279"
],
"database_specific": {
"cwe_ids": [
"CWE-79"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-10T05:15:11Z",
"severity": "MODERATE"
},
"details": "Due to insufficient input validation, CRM Blueprint Application Builder Panel of SAP NetWeaver Application Server for ABAP allows an unauthenticated attacker to craft a URL link which could embed a malicious JavaScript. When a victim clicks on this link, the script will be executed in the victim\u0027s browser giving the attacker the ability to access and/or modify information with no effect on availability of the application.",
"id": "GHSA-fc6c-mjwq-f62w",
"modified": "2024-09-10T06:30:48Z",
"published": "2024-09-10T06:30:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45279"
},
{
"type": "WEB",
"url": "https://me.sap.com/notes/3501359"
},
{
"type": "WEB",
"url": "https://url.sap/sapsecuritypatchday"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
FKIE_CVE-2024-45279
Vulnerability from fkie_nvd - Published: 2024-09-10 05:15 - Updated: 2024-09-10 12:09
Severity ?
Summary
Due to insufficient input validation, CRM Blueprint Application Builder Panel of SAP NetWeaver Application Server for ABAP allows an unauthenticated attacker to craft a URL link which could embed a malicious JavaScript. When a victim clicks on this link, the script will be executed in the victim's browser giving the attacker the ability to access and/or modify information with no effect on availability of the application.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Due to insufficient input validation, CRM Blueprint Application Builder Panel of SAP NetWeaver Application Server for ABAP allows an unauthenticated attacker to craft a URL link which could embed a malicious JavaScript. When a victim clicks on this link, the script will be executed in the victim\u0027s browser giving the attacker the ability to access and/or modify information with no effect on availability of the application."
},
{
"lang": "es",
"value": "Debido a una validaci\u00f3n de entrada insuficiente, el panel CRM Blueprint Application Builder de SAP NetWeaver Application Server para ABAP permite a un atacante no autenticado crear un enlace URL que podr\u00eda incluir un c\u00f3digo JavaScript malicioso. Cuando una v\u00edctima hace clic en este enlace, el script se ejecuta en el navegador de la v\u00edctima, lo que le da al atacante la posibilidad de acceder o modificar la informaci\u00f3n sin afectar la disponibilidad de la aplicaci\u00f3n."
}
],
"id": "CVE-2024-45279",
"lastModified": "2024-09-10T12:09:50.377",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "cna@sap.com",
"type": "Secondary"
}
]
},
"published": "2024-09-10T05:15:11.620",
"references": [
{
"source": "cna@sap.com",
"url": "https://me.sap.com/notes/3501359"
},
{
"source": "cna@sap.com",
"url": "https://url.sap/sapsecuritypatchday"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "cna@sap.com",
"type": "Primary"
}
]
}
CERTFR-2024-AVI-0754
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits SAP. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une injection de code indirecte à distance (XSS) et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SAP | SAP pour Oil & Gas | SAP pour Oil & Gas versions 600, 602, 603, 604, 605, 606, 617, 618, 800, 802, 803, 804, 805, 806, 807 et 807 sans le dernier correctif de sécurité | ||
| SAP | Commerce Cloud | Commerce Cloud versions HY_COM 1808, 1811, 1905, 2005, 2105, 2011, 2205 et COM_CLOUD 2211 sans le dernier correctif de sécurité | ||
| SAP | Business Warehouse | Business Warehouse (BEx Analyzer) versions DW4CORE 200, DW4CORE 300, DW4CORE 400, SAP_BW 700, SAP_BW 701, SAP_BW 702, SAP_BW 731, SAP_BW 740, SAP_BW 750, SAP_BW 751, SAP_BW 752, SAP_BW 753, SAP_BW 754, SAP_BW 755, SAP_BW 756, SAP_BW 757 et SAP_BW 758 sans le dernier correctif de sécurité | ||
| SAP | S/4HANA (Manage Incoming Payment Files) | S/4 HANA version 900 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver BW | NetWeaver BW (BEx Analyzer) versions DW4CORE 200, DW4CORE 300, DW4CORE 400, SAP_BW 700, SAP_BW 701, SAP_BW 702, SAP_BW 731, SAP_BW 740, SAP_BW 750, SAP_BW 751, SAP_BW 752, SAP_BW 753, SAP_BW 754, SAP_BW 755, SAP_BW 756, SAP_BW 757 et SAP_BW 758 sans le dernier correctif de sécurité | ||
| SAP | SAP NetWeaver AS Java | NetWeaver AS pour Java (Destination Service et Logon Application) version 7.50 sans le dernier correctif de sécurité | ||
| SAP | SAP BusinessObjects Business Intelligence | BusinessObjects Business Intelligence Platform version 430 sans le dernier correctif de sécurité | ||
| SAP | SAP Student Life Cycle Management | Student Life Cycle Management (SLcM) versions 617, 618, 800, 802, 803, 804, 805, 806, 807 et 808 sans le dernier correctif de sécurité | ||
| SAP | SAP BusinessObjects Business Intelligence | BusinessObjects Business Intelligence Platform versions ENTERPRISE 430 et 440 sans le dernier correctif de sécurité | ||
| SAP | Replication Server | Replication Server versions 16.0.3 et 16.0.4 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver Application Server ABAP et ABAP Platform | SAP NetWeaver Application Server pour ABAP et ABAP Platform, Versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 758, 912 sans le dernier correctif de sécurité | ||
| SAP | Production et Revenue Accounting | Production et Revenue Accounting (Tobin interface) versions S4CEXT 106, S4CEXT 107, S4CEXT 108, IS-PRA 605, IS-PRA 606, IS-PRA 616, IS-PRA 617, IS-PRA 618, IS-PRA 800, IS-PRA 801, IS-PRA 802, IS-PRA 803, IS-PRA 804 et IS-PRA 805 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver Enterprise Portal | NetWeaver Enterprise Portal version 7.50 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver Application Server pour ABAP | NetWeaver Application Server pour ABAP (CRM Blueprint Application Builder Panel) versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75D, 75E, 75F, 75G, 75H et 75I sans le dernier correctif de sécurité | ||
| SAP | S/4HANA eProcurement | S/4HANA eProcurement versions SAP_APPL 606, SAP_APPL 617, SAP_APPL 618, S4CORE 102, S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107 et S4CORE 108 sans le dernier correctif de sécurité |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SAP pour Oil \u0026 Gas versions 600, 602, 603, 604, 605, 606, 617, 618, 800, 802, 803, 804, 805, 806, 807 et 807 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "SAP pour Oil \u0026 Gas",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Commerce Cloud versions HY_COM 1808, 1811, 1905, 2005, 2105, 2011, 2205 et COM_CLOUD 2211 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Commerce Cloud",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Business Warehouse (BEx Analyzer) versions DW4CORE 200, DW4CORE 300, DW4CORE 400, SAP_BW 700, SAP_BW 701, SAP_BW 702, SAP_BW 731, SAP_BW 740, SAP_BW 750, SAP_BW 751, SAP_BW 752, SAP_BW 753, SAP_BW 754, SAP_BW 755, SAP_BW 756, SAP_BW 757 et SAP_BW 758 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Business Warehouse",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "S/4 HANA version 900 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "S/4HANA (Manage Incoming Payment Files)",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver BW (BEx Analyzer) versions DW4CORE 200, DW4CORE 300, DW4CORE 400, SAP_BW 700, SAP_BW 701, SAP_BW 702, SAP_BW 731, SAP_BW 740, SAP_BW 750, SAP_BW 751, SAP_BW 752, SAP_BW 753, SAP_BW 754, SAP_BW 755, SAP_BW 756, SAP_BW 757 et SAP_BW 758 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver BW",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver AS pour Java (Destination Service et Logon Application) version 7.50 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "SAP NetWeaver AS Java",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "BusinessObjects Business Intelligence Platform version 430 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "SAP BusinessObjects Business Intelligence",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Student Life Cycle Management (SLcM) versions 617, 618, 800, 802, 803, 804, 805, 806, 807 et 808 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "SAP Student Life Cycle Management",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "BusinessObjects Business Intelligence Platform versions ENTERPRISE 430 et 440 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "SAP BusinessObjects Business Intelligence",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Replication Server versions 16.0.3 et 16.0.4 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Replication Server",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver Application Server pour ABAP et ABAP Platform, Versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 758, 912 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver Application Server ABAP et ABAP Platform",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Production et Revenue Accounting (Tobin interface) versions S4CEXT 106, S4CEXT 107, S4CEXT 108, IS-PRA 605, IS-PRA 606, IS-PRA 616, IS-PRA 617, IS-PRA 618, IS-PRA 800, IS-PRA 801, IS-PRA 802, IS-PRA 803, IS-PRA 804 et IS-PRA 805 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Production et Revenue Accounting",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver Enterprise Portal version 7.50 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver Enterprise Portal",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver Application Server pour ABAP (CRM Blueprint Application Builder Panel) versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75D, 75E, 75F, 75G, 75H et 75I sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver Application Server pour ABAP",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "S/4HANA eProcurement versions SAP_APPL 606, SAP_APPL 617, SAP_APPL 618, S4CORE 102, S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107 et S4CORE 108 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "S/4HANA eProcurement",
"vendor": {
"name": "SAP",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-45281",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45281"
},
{
"name": "CVE-2024-44115",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44115"
},
{
"name": "CVE-2024-45279",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45279"
},
{
"name": "CVE-2024-44117",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44117"
},
{
"name": "CVE-2024-33003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33003"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2024-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45285"
},
{
"name": "CVE-2024-45286",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45286"
},
{
"name": "CVE-2024-44116",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44116"
},
{
"name": "CVE-2024-44113",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44113"
},
{
"name": "CVE-2024-41729",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41729"
},
{
"name": "CVE-2024-44112",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44112"
},
{
"name": "CVE-2024-41728",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41728"
},
{
"name": "CVE-2024-42371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42371"
},
{
"name": "CVE-2024-42380",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42380"
},
{
"name": "CVE-2024-45280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45280"
},
{
"name": "CVE-2024-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45283"
},
{
"name": "CVE-2013-3587",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-3587"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2024-45284",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45284"
},
{
"name": "CVE-2024-44114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44114"
},
{
"name": "CVE-2024-41730",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41730"
},
{
"name": "CVE-2024-44121",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44121"
},
{
"name": "CVE-2024-42378",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42378"
},
{
"name": "CVE-2024-44120",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44120"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0754",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-09-10T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits SAP. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une injection de code indirecte \u00e0 distance (XSS) et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SAP",
"vendor_advisories": [
{
"published_at": "2024-09-09",
"title": "Bulletin de s\u00e9curit\u00e9 SAP",
"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/september-2024.html"
}
]
}
CERTFR-2024-AVI-0754
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits SAP. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une injection de code indirecte à distance (XSS) et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SAP | SAP pour Oil & Gas | SAP pour Oil & Gas versions 600, 602, 603, 604, 605, 606, 617, 618, 800, 802, 803, 804, 805, 806, 807 et 807 sans le dernier correctif de sécurité | ||
| SAP | Commerce Cloud | Commerce Cloud versions HY_COM 1808, 1811, 1905, 2005, 2105, 2011, 2205 et COM_CLOUD 2211 sans le dernier correctif de sécurité | ||
| SAP | Business Warehouse | Business Warehouse (BEx Analyzer) versions DW4CORE 200, DW4CORE 300, DW4CORE 400, SAP_BW 700, SAP_BW 701, SAP_BW 702, SAP_BW 731, SAP_BW 740, SAP_BW 750, SAP_BW 751, SAP_BW 752, SAP_BW 753, SAP_BW 754, SAP_BW 755, SAP_BW 756, SAP_BW 757 et SAP_BW 758 sans le dernier correctif de sécurité | ||
| SAP | S/4HANA (Manage Incoming Payment Files) | S/4 HANA version 900 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver BW | NetWeaver BW (BEx Analyzer) versions DW4CORE 200, DW4CORE 300, DW4CORE 400, SAP_BW 700, SAP_BW 701, SAP_BW 702, SAP_BW 731, SAP_BW 740, SAP_BW 750, SAP_BW 751, SAP_BW 752, SAP_BW 753, SAP_BW 754, SAP_BW 755, SAP_BW 756, SAP_BW 757 et SAP_BW 758 sans le dernier correctif de sécurité | ||
| SAP | SAP NetWeaver AS Java | NetWeaver AS pour Java (Destination Service et Logon Application) version 7.50 sans le dernier correctif de sécurité | ||
| SAP | SAP BusinessObjects Business Intelligence | BusinessObjects Business Intelligence Platform version 430 sans le dernier correctif de sécurité | ||
| SAP | SAP Student Life Cycle Management | Student Life Cycle Management (SLcM) versions 617, 618, 800, 802, 803, 804, 805, 806, 807 et 808 sans le dernier correctif de sécurité | ||
| SAP | SAP BusinessObjects Business Intelligence | BusinessObjects Business Intelligence Platform versions ENTERPRISE 430 et 440 sans le dernier correctif de sécurité | ||
| SAP | Replication Server | Replication Server versions 16.0.3 et 16.0.4 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver Application Server ABAP et ABAP Platform | SAP NetWeaver Application Server pour ABAP et ABAP Platform, Versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 758, 912 sans le dernier correctif de sécurité | ||
| SAP | Production et Revenue Accounting | Production et Revenue Accounting (Tobin interface) versions S4CEXT 106, S4CEXT 107, S4CEXT 108, IS-PRA 605, IS-PRA 606, IS-PRA 616, IS-PRA 617, IS-PRA 618, IS-PRA 800, IS-PRA 801, IS-PRA 802, IS-PRA 803, IS-PRA 804 et IS-PRA 805 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver Enterprise Portal | NetWeaver Enterprise Portal version 7.50 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver Application Server pour ABAP | NetWeaver Application Server pour ABAP (CRM Blueprint Application Builder Panel) versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75D, 75E, 75F, 75G, 75H et 75I sans le dernier correctif de sécurité | ||
| SAP | S/4HANA eProcurement | S/4HANA eProcurement versions SAP_APPL 606, SAP_APPL 617, SAP_APPL 618, S4CORE 102, S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107 et S4CORE 108 sans le dernier correctif de sécurité |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SAP pour Oil \u0026 Gas versions 600, 602, 603, 604, 605, 606, 617, 618, 800, 802, 803, 804, 805, 806, 807 et 807 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "SAP pour Oil \u0026 Gas",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Commerce Cloud versions HY_COM 1808, 1811, 1905, 2005, 2105, 2011, 2205 et COM_CLOUD 2211 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Commerce Cloud",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Business Warehouse (BEx Analyzer) versions DW4CORE 200, DW4CORE 300, DW4CORE 400, SAP_BW 700, SAP_BW 701, SAP_BW 702, SAP_BW 731, SAP_BW 740, SAP_BW 750, SAP_BW 751, SAP_BW 752, SAP_BW 753, SAP_BW 754, SAP_BW 755, SAP_BW 756, SAP_BW 757 et SAP_BW 758 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Business Warehouse",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "S/4 HANA version 900 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "S/4HANA (Manage Incoming Payment Files)",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver BW (BEx Analyzer) versions DW4CORE 200, DW4CORE 300, DW4CORE 400, SAP_BW 700, SAP_BW 701, SAP_BW 702, SAP_BW 731, SAP_BW 740, SAP_BW 750, SAP_BW 751, SAP_BW 752, SAP_BW 753, SAP_BW 754, SAP_BW 755, SAP_BW 756, SAP_BW 757 et SAP_BW 758 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver BW",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver AS pour Java (Destination Service et Logon Application) version 7.50 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "SAP NetWeaver AS Java",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "BusinessObjects Business Intelligence Platform version 430 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "SAP BusinessObjects Business Intelligence",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Student Life Cycle Management (SLcM) versions 617, 618, 800, 802, 803, 804, 805, 806, 807 et 808 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "SAP Student Life Cycle Management",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "BusinessObjects Business Intelligence Platform versions ENTERPRISE 430 et 440 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "SAP BusinessObjects Business Intelligence",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Replication Server versions 16.0.3 et 16.0.4 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Replication Server",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver Application Server pour ABAP et ABAP Platform, Versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 758, 912 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver Application Server ABAP et ABAP Platform",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Production et Revenue Accounting (Tobin interface) versions S4CEXT 106, S4CEXT 107, S4CEXT 108, IS-PRA 605, IS-PRA 606, IS-PRA 616, IS-PRA 617, IS-PRA 618, IS-PRA 800, IS-PRA 801, IS-PRA 802, IS-PRA 803, IS-PRA 804 et IS-PRA 805 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Production et Revenue Accounting",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver Enterprise Portal version 7.50 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver Enterprise Portal",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver Application Server pour ABAP (CRM Blueprint Application Builder Panel) versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75D, 75E, 75F, 75G, 75H et 75I sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver Application Server pour ABAP",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "S/4HANA eProcurement versions SAP_APPL 606, SAP_APPL 617, SAP_APPL 618, S4CORE 102, S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107 et S4CORE 108 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "S/4HANA eProcurement",
"vendor": {
"name": "SAP",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-45281",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45281"
},
{
"name": "CVE-2024-44115",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44115"
},
{
"name": "CVE-2024-45279",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45279"
},
{
"name": "CVE-2024-44117",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44117"
},
{
"name": "CVE-2024-33003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33003"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2024-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45285"
},
{
"name": "CVE-2024-45286",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45286"
},
{
"name": "CVE-2024-44116",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44116"
},
{
"name": "CVE-2024-44113",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44113"
},
{
"name": "CVE-2024-41729",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41729"
},
{
"name": "CVE-2024-44112",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44112"
},
{
"name": "CVE-2024-41728",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41728"
},
{
"name": "CVE-2024-42371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42371"
},
{
"name": "CVE-2024-42380",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42380"
},
{
"name": "CVE-2024-45280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45280"
},
{
"name": "CVE-2024-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45283"
},
{
"name": "CVE-2013-3587",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-3587"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2024-45284",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45284"
},
{
"name": "CVE-2024-44114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44114"
},
{
"name": "CVE-2024-41730",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41730"
},
{
"name": "CVE-2024-44121",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44121"
},
{
"name": "CVE-2024-42378",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42378"
},
{
"name": "CVE-2024-44120",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44120"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0754",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-09-10T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits SAP. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une injection de code indirecte \u00e0 distance (XSS) et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SAP",
"vendor_advisories": [
{
"published_at": "2024-09-09",
"title": "Bulletin de s\u00e9curit\u00e9 SAP",
"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/september-2024.html"
}
]
}
CNVD-2024-49629
Vulnerability from cnvd - Published: 2024-12-30
VLAI Severity ?
Title
SAP NetWeaver Application Server跨站脚本漏洞(CNVD-2024-49629)
Description
SAP NetWeaver Application Server是德国思爱普(SAP)公司的一款应用程序服务器。
SAP NetWeaver Application Server存在跨站脚本漏洞,该漏洞源于输入验证不足,未经身份验证的攻击者可利用该漏洞制作可嵌入恶意JavaScript的URL链接。
Severity
中
Patch Name
SAP NetWeaver Application Server跨站脚本漏洞(CNVD-2024-49629)的补丁
Patch Description
SAP NetWeaver Application Server是德国思爱普(SAP)公司的一款应用程序服务器。
SAP NetWeaver Application Server存在跨站脚本漏洞,该漏洞源于输入验证不足,未经身份验证的攻击者可利用该漏洞制作可嵌入恶意JavaScript的URL链接。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://support.sap.com/en/my-support/knowledge-base/security-notes-news/september-2024.html
Reference
https://me.sap.com/notes/3501359
Impacted products
| Name | ['SAP SAP NetWeaver Application Server 702', 'SAP SAP NetWeaver Application Server 731', 'SAP SAP NetWeaver Application Server 740', 'SAP SAP NetWeaver Application Server 750', 'SAP SAP NetWeaver Application Server 751', 'SAP SAP NetWeaver Application Server 752', 'SAP SAP NetWeaver Application Server 700', 'SAP SAP NetWeaver Application Server 701', 'SAP SAP NetWeaver Application Server 75C', 'SAP SAP NetWeaver Application Server 75D', 'SAP SAP NetWeaver Application Server 75E', 'SAP SAP NetWeaver Application Server 75F', 'SAP SAP NetWeaver Application Server 75G', 'SAP SAP NetWeaver Application Server 75H', 'SAP SAP NetWeaver Application Server 75I'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2024-45279",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-45279"
}
},
"description": "SAP NetWeaver Application Server\u662f\u5fb7\u56fd\u601d\u7231\u666e\uff08SAP\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u5e94\u7528\u7a0b\u5e8f\u670d\u52a1\u5668\u3002\n\nSAP NetWeaver Application Server\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u8f93\u5165\u9a8c\u8bc1\u4e0d\u8db3\uff0c\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5236\u4f5c\u53ef\u5d4c\u5165\u6076\u610fJavaScript\u7684URL\u94fe\u63a5\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://support.sap.com/en/my-support/knowledge-base/security-notes-news/september-2024.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2024-49629",
"openTime": "2024-12-30",
"patchDescription": "SAP NetWeaver Application Server\u662f\u5fb7\u56fd\u601d\u7231\u666e\uff08SAP\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u5e94\u7528\u7a0b\u5e8f\u670d\u52a1\u5668\u3002\r\n\r\nSAP NetWeaver Application Server\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u8f93\u5165\u9a8c\u8bc1\u4e0d\u8db3\uff0c\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5236\u4f5c\u53ef\u5d4c\u5165\u6076\u610fJavaScript\u7684URL\u94fe\u63a5\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "SAP NetWeaver Application Server\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff08CNVD-2024-49629\uff09\u7684\u8865\u4e01",
"products": {
"product": [
"SAP SAP NetWeaver Application Server 702",
"SAP SAP NetWeaver Application Server 731",
"SAP SAP NetWeaver Application Server 740",
"SAP SAP NetWeaver Application Server 750",
"SAP SAP NetWeaver Application Server 751",
"SAP SAP NetWeaver Application Server 752",
"SAP SAP NetWeaver Application Server 700",
"SAP SAP NetWeaver Application Server 701",
"SAP SAP NetWeaver Application Server 75C",
"SAP SAP NetWeaver Application Server 75D",
"SAP SAP NetWeaver Application Server 75E",
"SAP SAP NetWeaver Application Server 75F",
"SAP SAP NetWeaver Application Server 75G",
"SAP SAP NetWeaver Application Server 75H",
"SAP SAP NetWeaver Application Server 75I"
]
},
"referenceLink": "https://me.sap.com/notes/3501359",
"serverity": "\u4e2d",
"submitTime": "2024-09-18",
"title": "SAP NetWeaver Application Server\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff08CNVD-2024-49629\uff09"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…