Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-45283 (GCVE-0-2024-45283)
Vulnerability from cvelistv5 – Published: 2024-09-10 04:52 – Updated: 2024-09-10 13:46
VLAI?
EPSS
Summary
SAP NetWeaver AS for Java allows an authorized attacker to obtain sensitive information. The attacker could obtain the username and password when creating an RFC destination. After successful exploitation, an attacker can read the sensitive information but cannot modify or delete the data.
Severity ?
6 (Medium)
CWE
- CWE-256 - Plaintext Storage of a Password
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | SAP NetWeaver AS for Java (Destination Service) |
Affected:
7.50
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-45283",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T13:46:01.984548Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T13:46:19.680Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP NetWeaver AS for Java (Destination Service)",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "7.50"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSAP NetWeaver AS for Java allows an authorized attacker to obtain sensitive information. The attacker could obtain the username and password when creating an RFC destination. After successful exploitation, an attacker can read the sensitive information but cannot modify or delete the data.\u003c/p\u003e"
}
],
"value": "SAP NetWeaver AS for Java allows an authorized attacker to obtain sensitive information. The attacker could obtain the username and password when creating an RFC destination. After successful exploitation, an attacker can read the sensitive information but cannot modify or delete the data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-256",
"description": "CWE-256: Plaintext Storage of a Password",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T04:52:30.209Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3477359"
},
{
"url": "https://url.sap/sapsecuritypatchday"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Information disclosure vulnerability in SAP NetWeaver AS for Java (Destination Service)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2024-45283",
"datePublished": "2024-09-10T04:52:30.209Z",
"dateReserved": "2024-08-26T10:39:20.933Z",
"dateUpdated": "2024-09-10T13:46:19.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"SAP NetWeaver AS for Java allows an authorized attacker to obtain sensitive information. The attacker could obtain the username and password when creating an RFC destination. After successful exploitation, an attacker can read the sensitive information but cannot modify or delete the data.\"}, {\"lang\": \"es\", \"value\": \"SAP NetWeaver AS para Java permite a un atacante autorizado obtener informaci\\u00f3n confidencial. El atacante podr\\u00eda obtener el nombre de usuario y la contrase\\u00f1a al crear un destino RFC. Despu\\u00e9s de una explotaci\\u00f3n exitosa, un atacante puede leer la informaci\\u00f3n confidencial, pero no puede modificar ni eliminar los datos.\"}]",
"id": "CVE-2024-45283",
"lastModified": "2024-09-10T12:09:50.377",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"cna@sap.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N\", \"baseScore\": 6.0, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.5, \"impactScore\": 4.0}]}",
"published": "2024-09-10T05:15:12.207",
"references": "[{\"url\": \"https://me.sap.com/notes/3477359\", \"source\": \"cna@sap.com\"}, {\"url\": \"https://url.sap/sapsecuritypatchday\", \"source\": \"cna@sap.com\"}]",
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": "[{\"source\": \"cna@sap.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-256\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-45283\",\"sourceIdentifier\":\"cna@sap.com\",\"published\":\"2024-09-10T05:15:12.207\",\"lastModified\":\"2024-09-10T12:09:50.377\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"SAP NetWeaver AS for Java allows an authorized attacker to obtain sensitive information. The attacker could obtain the username and password when creating an RFC destination. After successful exploitation, an attacker can read the sensitive information but cannot modify or delete the data.\"},{\"lang\":\"es\",\"value\":\"SAP NetWeaver AS para Java permite a un atacante autorizado obtener informaci\u00f3n confidencial. El atacante podr\u00eda obtener el nombre de usuario y la contrase\u00f1a al crear un destino RFC. Despu\u00e9s de una explotaci\u00f3n exitosa, un atacante puede leer la informaci\u00f3n confidencial, pero no puede modificar ni eliminar los datos.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cna@sap.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N\",\"baseScore\":6.0,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.5,\"impactScore\":4.0}]},\"weaknesses\":[{\"source\":\"cna@sap.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-256\"}]}],\"references\":[{\"url\":\"https://me.sap.com/notes/3477359\",\"source\":\"cna@sap.com\"},{\"url\":\"https://url.sap/sapsecuritypatchday\",\"source\":\"cna@sap.com\"}]}}",
"vulnrichment": {
"containers": "{\"cna\": {\"affected\": [{\"defaultStatus\": \"unaffected\", \"product\": \"SAP NetWeaver AS for Java (Destination Service)\", \"vendor\": \"SAP_SE\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.50\"}]}], \"descriptions\": [{\"lang\": \"en\", \"supportingMedia\": [{\"base64\": false, \"type\": \"text/html\", \"value\": \"\u003cp\u003eSAP NetWeaver AS for Java allows an authorized attacker to obtain sensitive information. The attacker could obtain the username and password when creating an RFC destination. After successful exploitation, an attacker can read the sensitive information but cannot modify or delete the data.\u003c/p\u003e\"}], \"value\": \"SAP NetWeaver AS for Java allows an authorized attacker to obtain sensitive information. The attacker could obtain the username and password when creating an RFC destination. After successful exploitation, an attacker can read the sensitive information but cannot modify or delete the data.\"}], \"metrics\": [{\"cvssV3_1\": {\"attackComplexity\": \"LOW\", \"attackVector\": \"LOCAL\", \"availabilityImpact\": \"NONE\", \"baseScore\": 6, \"baseSeverity\": \"MEDIUM\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"privilegesRequired\": \"HIGH\", \"scope\": \"CHANGED\", \"userInteraction\": \"NONE\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N\", \"version\": \"3.1\"}, \"format\": \"CVSS\", \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-256\", \"description\": \"CWE-256: Plaintext Storage of a Password\", \"lang\": \"eng\", \"type\": \"CWE\"}]}], \"providerMetadata\": {\"orgId\": \"e4686d1a-f260-4930-ac4c-2f5c992778dd\", \"shortName\": \"sap\", \"dateUpdated\": \"2024-09-10T04:52:30.209Z\"}, \"references\": [{\"url\": \"https://me.sap.com/notes/3477359\"}, {\"url\": \"https://url.sap/sapsecuritypatchday\"}], \"source\": {\"discovery\": \"UNKNOWN\"}, \"title\": \"Information disclosure vulnerability in SAP NetWeaver AS for Java (Destination Service)\", \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}}, \"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-45283\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-10T13:46:01.984548Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-10T13:46:09.051Z\"}}]}",
"cveMetadata": "{\"cveId\": \"CVE-2024-45283\", \"assignerOrgId\": \"e4686d1a-f260-4930-ac4c-2f5c992778dd\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"sap\", \"dateReserved\": \"2024-08-26T10:39:20.933Z\", \"datePublished\": \"2024-09-10T04:52:30.209Z\", \"dateUpdated\": \"2024-09-10T13:46:19.680Z\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
WID-SEC-W-2024-2086
Vulnerability from csaf_certbund - Published: 2024-09-09 22:00 - Updated: 2024-09-09 22:00Summary
SAP Patchday September 2024
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
SAP stellt unternehmensweite Lösungen für Geschäftsprozesse wie Buchführung, Vertrieb, Einkauf und Lagerhaltung zur Verfügung.
Angriff
Ein Angreifer kann mehrere Schwachstellen in SAP Software ausnutzen, um seine Privilegien zu erhöhen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
- Sonstiges
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "SAP stellt unternehmensweite L\u00f6sungen f\u00fcr Gesch\u00e4ftsprozesse wie Buchf\u00fchrung, Vertrieb, Einkauf und Lagerhaltung zur Verf\u00fcgung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in SAP Software ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-2086 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-2086.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-2086 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2086"
},
{
"category": "external",
"summary": "SAP Security Patch Day \u2013 September 2024 vom 2024-09-09",
"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/september-2024.html"
}
],
"source_lang": "en-US",
"title": "SAP Patchday September 2024",
"tracking": {
"current_release_date": "2024-09-09T22:00:00.000+00:00",
"generator": {
"date": "2024-09-10T10:03:41.307+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.6"
}
},
"id": "WID-SEC-W-2024-2086",
"initial_release_date": "2024-09-09T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-09-09T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "SAP Software",
"product": {
"name": "SAP Software",
"product_id": "T031077",
"product_identification_helper": {
"cpe": "cpe:/a:sap:sap:-"
}
}
}
],
"category": "vendor",
"name": "SAP"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-3587",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2013-3587"
},
{
"cve": "CVE-2022-0778",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2022-0778"
},
{
"cve": "CVE-2023-0215",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2023-0215"
},
{
"cve": "CVE-2023-0286",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2023-0286"
},
{
"cve": "CVE-2024-33003",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-33003"
},
{
"cve": "CVE-2024-41728",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-41728"
},
{
"cve": "CVE-2024-41729",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-41729"
},
{
"cve": "CVE-2024-41730",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-41730"
},
{
"cve": "CVE-2024-42371",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-42371"
},
{
"cve": "CVE-2024-42378",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-42378"
},
{
"cve": "CVE-2024-42380",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-42380"
},
{
"cve": "CVE-2024-44112",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-44112"
},
{
"cve": "CVE-2024-44113",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-44113"
},
{
"cve": "CVE-2024-44114",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-44114"
},
{
"cve": "CVE-2024-44115",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-44115"
},
{
"cve": "CVE-2024-44116",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-44116"
},
{
"cve": "CVE-2024-44117",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-44117"
},
{
"cve": "CVE-2024-44120",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-44120"
},
{
"cve": "CVE-2024-44121",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-44121"
},
{
"cve": "CVE-2024-45279",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-45279"
},
{
"cve": "CVE-2024-45280",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-45280"
},
{
"cve": "CVE-2024-45281",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-45281"
},
{
"cve": "CVE-2024-45283",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-45283"
},
{
"cve": "CVE-2024-45284",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-45284"
},
{
"cve": "CVE-2024-45285",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-45285"
},
{
"cve": "CVE-2024-45286",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler existieren in verschiedenen Komponenten wie eProcurement, dem NetWeaver Application Server oder der Commerce Cloud, u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung, einem dll-Hijacking oder einer fehlenden Authentifizierungspr\u00fcfung und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T031077"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-45286"
}
]
}
WID-SEC-W-2024-3093
Vulnerability from csaf_certbund - Published: 2024-10-07 22:00 - Updated: 2024-10-07 22:00Summary
SAP Software: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
SAP stellt unternehmensweite Lösungen für Geschäftsprozesse wie Buchführung, Vertrieb, Einkauf und Lagerhaltung zur Verfügung.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in SAP Software ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen preiszugeben, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen und einen Denial-of-Service-Zustand zu erzeugen.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "SAP stellt unternehmensweite L\u00f6sungen f\u00fcr Gesch\u00e4ftsprozesse wie Buchf\u00fchrung, Vertrieb, Einkauf und Lagerhaltung zur Verf\u00fcgung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in SAP Software ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen preiszugeben, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren und einen Denial-of-Service-Zustand zu erzeugen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3093 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3093.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3093 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3093"
},
{
"category": "external",
"summary": "SAP Security Patch Day \u2013 October 2024 vom 2024-10-07",
"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/october-2024.html"
}
],
"source_lang": "en-US",
"title": "SAP Software: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-10-07T22:00:00.000+00:00",
"generator": {
"date": "2024-10-08T08:11:29.115+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-3093",
"initial_release_date": "2024-10-07T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-10-07T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "SAP Software",
"product": {
"name": "SAP Software",
"product_id": "T038023",
"product_identification_helper": {
"cpe": "cpe:/a:sap:sap:-"
}
}
}
],
"category": "vendor",
"name": "SAP"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-23302",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in verschiedenen Komponenten wie NetWeaver, SAP HANA oder der BusinessObjects Business Intelligence Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung oder einer unsachgem\u00e4\u00dfen Eingabevalidierung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen preiszugeben, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren und einen Denial-of-Service-Zustand zu erzeugen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038023"
]
},
"release_date": "2024-10-07T22:00:00.000+00:00",
"title": "CVE-2022-23302"
},
{
"cve": "CVE-2024-37179",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in verschiedenen Komponenten wie NetWeaver, SAP HANA oder der BusinessObjects Business Intelligence Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung oder einer unsachgem\u00e4\u00dfen Eingabevalidierung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen preiszugeben, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren und einen Denial-of-Service-Zustand zu erzeugen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038023"
]
},
"release_date": "2024-10-07T22:00:00.000+00:00",
"title": "CVE-2024-37179"
},
{
"cve": "CVE-2024-37180",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in verschiedenen Komponenten wie NetWeaver, SAP HANA oder der BusinessObjects Business Intelligence Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung oder einer unsachgem\u00e4\u00dfen Eingabevalidierung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen preiszugeben, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren und einen Denial-of-Service-Zustand zu erzeugen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038023"
]
},
"release_date": "2024-10-07T22:00:00.000+00:00",
"title": "CVE-2024-37180"
},
{
"cve": "CVE-2024-39592",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in verschiedenen Komponenten wie NetWeaver, SAP HANA oder der BusinessObjects Business Intelligence Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung oder einer unsachgem\u00e4\u00dfen Eingabevalidierung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen preiszugeben, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren und einen Denial-of-Service-Zustand zu erzeugen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038023"
]
},
"release_date": "2024-10-07T22:00:00.000+00:00",
"title": "CVE-2024-39592"
},
{
"cve": "CVE-2024-41729",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in verschiedenen Komponenten wie NetWeaver, SAP HANA oder der BusinessObjects Business Intelligence Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung oder einer unsachgem\u00e4\u00dfen Eingabevalidierung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen preiszugeben, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren und einen Denial-of-Service-Zustand zu erzeugen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038023"
]
},
"release_date": "2024-10-07T22:00:00.000+00:00",
"title": "CVE-2024-41729"
},
{
"cve": "CVE-2024-41730",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in verschiedenen Komponenten wie NetWeaver, SAP HANA oder der BusinessObjects Business Intelligence Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung oder einer unsachgem\u00e4\u00dfen Eingabevalidierung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen preiszugeben, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren und einen Denial-of-Service-Zustand zu erzeugen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038023"
]
},
"release_date": "2024-10-07T22:00:00.000+00:00",
"title": "CVE-2024-41730"
},
{
"cve": "CVE-2024-42373",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in verschiedenen Komponenten wie NetWeaver, SAP HANA oder der BusinessObjects Business Intelligence Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung oder einer unsachgem\u00e4\u00dfen Eingabevalidierung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen preiszugeben, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren und einen Denial-of-Service-Zustand zu erzeugen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038023"
]
},
"release_date": "2024-10-07T22:00:00.000+00:00",
"title": "CVE-2024-42373"
},
{
"cve": "CVE-2024-45277",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in verschiedenen Komponenten wie NetWeaver, SAP HANA oder der BusinessObjects Business Intelligence Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung oder einer unsachgem\u00e4\u00dfen Eingabevalidierung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen preiszugeben, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren und einen Denial-of-Service-Zustand zu erzeugen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038023"
]
},
"release_date": "2024-10-07T22:00:00.000+00:00",
"title": "CVE-2024-45277"
},
{
"cve": "CVE-2024-45278",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in verschiedenen Komponenten wie NetWeaver, SAP HANA oder der BusinessObjects Business Intelligence Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung oder einer unsachgem\u00e4\u00dfen Eingabevalidierung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen preiszugeben, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren und einen Denial-of-Service-Zustand zu erzeugen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038023"
]
},
"release_date": "2024-10-07T22:00:00.000+00:00",
"title": "CVE-2024-45278"
},
{
"cve": "CVE-2024-45282",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in verschiedenen Komponenten wie NetWeaver, SAP HANA oder der BusinessObjects Business Intelligence Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung oder einer unsachgem\u00e4\u00dfen Eingabevalidierung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen preiszugeben, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren und einen Denial-of-Service-Zustand zu erzeugen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038023"
]
},
"release_date": "2024-10-07T22:00:00.000+00:00",
"title": "CVE-2024-45282"
},
{
"cve": "CVE-2024-45283",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in verschiedenen Komponenten wie NetWeaver, SAP HANA oder der BusinessObjects Business Intelligence Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung oder einer unsachgem\u00e4\u00dfen Eingabevalidierung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen preiszugeben, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren und einen Denial-of-Service-Zustand zu erzeugen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038023"
]
},
"release_date": "2024-10-07T22:00:00.000+00:00",
"title": "CVE-2024-45283"
},
{
"cve": "CVE-2024-47594",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Fehler bestehen in verschiedenen Komponenten wie NetWeaver, SAP HANA oder der BusinessObjects Business Intelligence Platform, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer fehlenden Autorisierung oder einer unsachgem\u00e4\u00dfen Eingabevalidierung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen preiszugeben, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren und einen Denial-of-Service-Zustand zu erzeugen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038023"
]
},
"release_date": "2024-10-07T22:00:00.000+00:00",
"title": "CVE-2024-47594"
}
]
}
NCSC-2024-0378
Vulnerability from csaf_ncscnl - Published: 2024-09-19 11:37 - Updated: 2024-09-19 11:37Summary
Kwetsbaarheden verholpen in SAP producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
SAP heeft kwetsbaarheden verholpen in diverse producten, zoals SAP, Business Warehouse, NetWeaver, HANA, Business Objects en Commerce.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Cross-Site Scripting (XSS)
- Omzeilen van authenticatie
- Omzeilen van beveiligingsmaatregel
- Uitvoer van willekeurige code (gebruikersrechten)
- Toegang tot gevoelige gegevens
Oplossingen
SAP heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-359
Exposure of Private Personal Information to an Unauthorized Actor
CWE-213
Exposure of Sensitive Information Due to Incompatible Policies
CWE-426
Untrusted Search Path
CWE-256
Plaintext Storage of a Password
CWE-325
Missing Cryptographic Step
CWE-862
Missing Authorization
CWE-863
Incorrect Authorization
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "SAP heeft kwetsbaarheden verholpen in diverse producten, zoals SAP, Business Warehouse, NetWeaver, HANA, Business Objects en Commerce.",
"title": "Feiten"
},
{
"category": "description",
"text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Cross-Site Scripting (XSS)\n- Omzeilen van authenticatie\n- Omzeilen van beveiligingsmaatregel\n- Uitvoer van willekeurige code (gebruikersrechten)\n- Toegang tot gevoelige gegevens",
"title": "Interpretaties"
},
{
"category": "description",
"text": "SAP heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Exposure of Private Personal Information to an Unauthorized Actor",
"title": "CWE-359"
},
{
"category": "general",
"text": "Exposure of Sensitive Information Due to Incompatible Policies",
"title": "CWE-213"
},
{
"category": "general",
"text": "Untrusted Search Path",
"title": "CWE-426"
},
{
"category": "general",
"text": "Plaintext Storage of a Password",
"title": "CWE-256"
},
{
"category": "general",
"text": "Missing Cryptographic Step",
"title": "CWE-325"
},
{
"category": "general",
"text": "Missing Authorization",
"title": "CWE-862"
},
{
"category": "general",
"text": "Incorrect Authorization",
"title": "CWE-863"
},
{
"category": "general",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Source - sap",
"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/september-2024.html"
}
],
"title": "Kwetsbaarheden verholpen in SAP producten",
"tracking": {
"current_release_date": "2024-09-19T11:37:39.757598Z",
"id": "NCSC-2024-0378",
"initial_release_date": "2024-09-19T11:37:39.757598Z",
"revision_history": [
{
"date": "2024-09-19T11:37:39.757598Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1637389",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:dw4core_200:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1637390",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:dw4core_300:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1637391",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:dw4core_400:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496469",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_700:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496470",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_701:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496471",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_702:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496473",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_731:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496474",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_740:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496475",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_750:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496476",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_751:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496477",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_752:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496478",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_753:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496479",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_754:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496480",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_755:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496481",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_756:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496482",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_757:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_warehouse",
"product": {
"name": "business_warehouse",
"product_id": "CSAFPID-1496483",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:business_warehouse:sap_bw_758:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "businessobjects_business_intelligence_platform",
"product": {
"name": "businessobjects_business_intelligence_platform",
"product_id": "CSAFPID-55202",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:businessobjects_business_intelligence_platform:430:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "commerce_cloud",
"product": {
"name": "commerce_cloud",
"product_id": "CSAFPID-382448",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:commerce_cloud:2211:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-173007",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:700:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-173009",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:701:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-173010",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:702:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-173004",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:731:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-74446",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:740:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-74448",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:750:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-74436",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:751:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-74454",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:752:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-74442",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:753:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-74453",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:754:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-74434",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:755:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-74449",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:756:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-74432",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:757:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-340930",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:758:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_abap",
"product": {
"name": "netweaver_application_server_abap",
"product_id": "CSAFPID-1637232",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap:912:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1262156",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:700:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1262157",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:701:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1262158",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:702:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1262162",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:731:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1262163",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:740:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1262164",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:750:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1262165",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:751:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1262166",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:752:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1637253",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:75c:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1637250",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:75d:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1637252",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:75e:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1637255",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:75f:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1637254",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:75g:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1637256",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:75h:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_application_server_for_abap",
"product": {
"name": "netweaver_application_server_for_abap",
"product_id": "CSAFPID-1637251",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_for_abap:75i:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_as_for_java",
"product": {
"name": "netweaver_as_for_java",
"product_id": "CSAFPID-164614",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_as_for_java:7.50:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_as_java",
"product": {
"name": "netweaver_as_java",
"product_id": "CSAFPID-837776",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_as_java:7.50:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637280",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:dw4core_200:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637282",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:dw4core_300:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637278",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:dw4core_400:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637283",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_700:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637284",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_701:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637276",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_702:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637274",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_731:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637287",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_740:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637281",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_750:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637279",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_751:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637273",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_752:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637275",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_753:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637285",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_754:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637288",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_755:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637286",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_756:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637277",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_757:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_bw",
"product": {
"name": "netweaver_bw",
"product_id": "CSAFPID-1637272",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_bw:sap_bw_758:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "netweaver_enterprise_portal",
"product": {
"name": "netweaver_enterprise_portal",
"product_id": "CSAFPID-55577",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_enterprise_portal:7.50:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642792",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:600:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642793",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:602:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642794",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:603:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642795",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:604:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642796",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:605:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642797",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:606:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642798",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:617:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642799",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:618:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642800",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:800:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642801",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:802:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642802",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:803:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642803",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:804:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642804",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:805:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642805",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:806:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_\\%\\/_gas",
"product": {
"name": "oil_\\%\\/_gas",
"product_id": "CSAFPID-1642806",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_\\%\\/_gas:807:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637374",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:600:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637375",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:602:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637376",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:603:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637377",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:604:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637378",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:605:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637379",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:606:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637380",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:617:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637381",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:618:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637382",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:800:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637383",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:802:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637384",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:803:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637385",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:804:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637386",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:805:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637387",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:806:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oil_gas",
"product": {
"name": "oil_gas",
"product_id": "CSAFPID-1637388",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:oil_gas:807:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637261",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:is-pra_605:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637260",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:is-pra_606:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637267",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:is-pra_616:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637266",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:is-pra_617:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637263",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:is-pra_618:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637264",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:is-pra_800:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637265",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:is-pra_801:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637262",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:is-pra_802:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637259",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:is-pra_803:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637257",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:is-pra_804:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637268",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:is-pra_805:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637258",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:s4cext_106:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637270",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:s4cext_107:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "production_and_revenue_accounting",
"product": {
"name": "production_and_revenue_accounting",
"product_id": "CSAFPID-1637269",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:production_and_revenue_accounting:s4cext_108:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap",
"product": {
"name": "sap",
"product_id": "CSAFPID-1498297",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:sap:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "student_life_cycle_management",
"product": {
"name": "student_life_cycle_management",
"product_id": "CSAFPID-1614510",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:student_life_cycle_management:617:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "student_life_cycle_management",
"product": {
"name": "student_life_cycle_management",
"product_id": "CSAFPID-1475930",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:student_life_cycle_management:618:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "student_life_cycle_management",
"product": {
"name": "student_life_cycle_management",
"product_id": "CSAFPID-1637289",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:student_life_cycle_management:800:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "student_life_cycle_management",
"product": {
"name": "student_life_cycle_management",
"product_id": "CSAFPID-1475932",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:student_life_cycle_management:802:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "student_life_cycle_management",
"product": {
"name": "student_life_cycle_management",
"product_id": "CSAFPID-1475933",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:student_life_cycle_management:803:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "student_life_cycle_management",
"product": {
"name": "student_life_cycle_management",
"product_id": "CSAFPID-1475927",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:student_life_cycle_management:804:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "student_life_cycle_management",
"product": {
"name": "student_life_cycle_management",
"product_id": "CSAFPID-1475931",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:student_life_cycle_management:805:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "student_life_cycle_management",
"product": {
"name": "student_life_cycle_management",
"product_id": "CSAFPID-1475928",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:student_life_cycle_management:806:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "student_life_cycle_management",
"product": {
"name": "student_life_cycle_management",
"product_id": "CSAFPID-1475934",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:student_life_cycle_management:807:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "student_life_cycle_management",
"product": {
"name": "student_life_cycle_management",
"product_id": "CSAFPID-1475929",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:student_life_cycle_management:808:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "sap"
},
{
"branches": [
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637073",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:dw4core_200:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637074",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:dw4core_300:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637075",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:dw4core_400:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637076",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_700:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637077",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_701:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637078",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_702:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637079",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_731:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637080",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_740:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637081",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_750:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637082",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_751:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637083",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_752:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637084",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_753:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637085",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_754:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637086",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_755:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637087",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_756:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637088",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_757:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_business_warehouse__bex_analyzer_",
"product": {
"name": "sap_business_warehouse__bex_analyzer_",
"product_id": "CSAFPID-1637089",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_business_warehouse__bex_analyzer_:sap_bw_758:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_businessobjects_business_intelligence_platform",
"product": {
"name": "sap_businessobjects_business_intelligence_platform",
"product_id": "CSAFPID-1464457",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_businessobjects_business_intelligence_platform:430:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637153",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:600:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637154",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:602:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637155",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:603:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637156",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:604:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637157",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:605:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637158",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:606:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637159",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:617:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637160",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:618:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637161",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:800:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637162",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:802:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637163",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:803:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637164",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:804:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637165",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:805:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637166",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:806:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_for_oil___gas",
"product": {
"name": "sap_for_oil___gas",
"product_id": "CSAFPID-1637167",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_for_oil___gas:807:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637137",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:700:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637138",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:701:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637139",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:702:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637140",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:731:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637141",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:740:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637142",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:750:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637143",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:751:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637144",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:752:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637145",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:75c:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637146",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:75d:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637147",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:75e:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637148",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:75f:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637149",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:75g:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637150",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:75h:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product": {
"name": "sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_",
"product_id": "CSAFPID-1637151",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap__crm_blueprint_application_builder_panel_:75i:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1559119",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:700:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1559120",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:701:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1559121",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:702:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1559125",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:731:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1559126",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:740:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1559127",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:750:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1559128",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:751:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1559129",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:752:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1559130",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:753:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1559131",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:754:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1559132",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:755:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1559133",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:756:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1637090",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:757:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1637091",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:758:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product": {
"name": "sap_netweaver_application_server_for_abap_and_abap_platform",
"product_id": "CSAFPID-1637092",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_application_server_for_abap_and_abap_platform:912:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_as_for_java__destination_service_",
"product": {
"name": "sap_netweaver_as_for_java__destination_service_",
"product_id": "CSAFPID-1637194",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_as_for_java__destination_service_:7.50:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_as_java__logon_application_",
"product": {
"name": "sap_netweaver_as_java__logon_application_",
"product_id": "CSAFPID-1637152",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_as_java__logon_application_:7.50:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637093",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:dw4core_200:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637094",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:dw4core_300:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637095",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:dw4core_400:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637096",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_700:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637097",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_701:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637098",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_702:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637099",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_731:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637100",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_740:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637101",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_750:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637102",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_751:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637103",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_752:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637104",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_753:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637105",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_754:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637106",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_755:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637107",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_756:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637108",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_757:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_bw__bex_analyzer_",
"product": {
"name": "sap_netweaver_bw__bex_analyzer_",
"product_id": "CSAFPID-1637109",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_bw__bex_analyzer_:sap_bw_758:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_netweaver_enterprise_portal",
"product": {
"name": "sap_netweaver_enterprise_portal",
"product_id": "CSAFPID-1550602",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_netweaver_enterprise_portal:7.50:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637171",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:is-pra_605:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637172",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:is-pra_606:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637173",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:is-pra_616:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637174",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:is-pra_617:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637175",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:is-pra_618:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637176",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:is-pra_800:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637177",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:is-pra_801:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637178",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:is-pra_802:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637179",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:is-pra_803:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637180",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:is-pra_804:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637181",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:is-pra_805:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637168",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:s4cext_106:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637169",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:s4cext_107:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product": {
"name": "sap_production_and_revenue_accounting__tobin_interface_",
"product_id": "CSAFPID-1637170",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_production_and_revenue_accounting__tobin_interface_:s4cext_108:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_s_4_hana__statutory_reports_",
"product": {
"name": "sap_s_4_hana__statutory_reports_",
"product_id": "CSAFPID-1637136",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_s_4_hana__statutory_reports_:900:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_s_4hana_eprocurement",
"product": {
"name": "sap_s_4hana_eprocurement",
"product_id": "CSAFPID-1637113",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_s_4hana_eprocurement:s4core_102:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_s_4hana_eprocurement",
"product": {
"name": "sap_s_4hana_eprocurement",
"product_id": "CSAFPID-1637114",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_s_4hana_eprocurement:s4core_103:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_s_4hana_eprocurement",
"product": {
"name": "sap_s_4hana_eprocurement",
"product_id": "CSAFPID-1637115",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_s_4hana_eprocurement:s4core_104:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_s_4hana_eprocurement",
"product": {
"name": "sap_s_4hana_eprocurement",
"product_id": "CSAFPID-1637116",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_s_4hana_eprocurement:s4core_105:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_s_4hana_eprocurement",
"product": {
"name": "sap_s_4hana_eprocurement",
"product_id": "CSAFPID-1637117",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_s_4hana_eprocurement:s4core_106:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_s_4hana_eprocurement",
"product": {
"name": "sap_s_4hana_eprocurement",
"product_id": "CSAFPID-1637118",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_s_4hana_eprocurement:s4core_107:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_s_4hana_eprocurement",
"product": {
"name": "sap_s_4hana_eprocurement",
"product_id": "CSAFPID-1637119",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_s_4hana_eprocurement:s4core_108:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_s_4hana_eprocurement",
"product": {
"name": "sap_s_4hana_eprocurement",
"product_id": "CSAFPID-1637110",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_s_4hana_eprocurement:sap_appl_606:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_s_4hana_eprocurement",
"product": {
"name": "sap_s_4hana_eprocurement",
"product_id": "CSAFPID-1637111",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_s_4hana_eprocurement:sap_appl_617:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_s_4hana_eprocurement",
"product": {
"name": "sap_s_4hana_eprocurement",
"product_id": "CSAFPID-1637112",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_s_4hana_eprocurement:sap_appl_618:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_student_life_cycle_management__slcm_",
"product": {
"name": "sap_student_life_cycle_management__slcm_",
"product_id": "CSAFPID-1614213",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_student_life_cycle_management__slcm_:617:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_student_life_cycle_management__slcm_",
"product": {
"name": "sap_student_life_cycle_management__slcm_",
"product_id": "CSAFPID-1614214",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_student_life_cycle_management__slcm_:618:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_student_life_cycle_management__slcm_",
"product": {
"name": "sap_student_life_cycle_management__slcm_",
"product_id": "CSAFPID-1637190",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_student_life_cycle_management__slcm_:800:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_student_life_cycle_management__slcm_",
"product": {
"name": "sap_student_life_cycle_management__slcm_",
"product_id": "CSAFPID-1614215",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_student_life_cycle_management__slcm_:802:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_student_life_cycle_management__slcm_",
"product": {
"name": "sap_student_life_cycle_management__slcm_",
"product_id": "CSAFPID-1614216",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_student_life_cycle_management__slcm_:803:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_student_life_cycle_management__slcm_",
"product": {
"name": "sap_student_life_cycle_management__slcm_",
"product_id": "CSAFPID-1614217",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_student_life_cycle_management__slcm_:804:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_student_life_cycle_management__slcm_",
"product": {
"name": "sap_student_life_cycle_management__slcm_",
"product_id": "CSAFPID-1614218",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_student_life_cycle_management__slcm_:805:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_student_life_cycle_management__slcm_",
"product": {
"name": "sap_student_life_cycle_management__slcm_",
"product_id": "CSAFPID-1614219",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_student_life_cycle_management__slcm_:806:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_student_life_cycle_management__slcm_",
"product": {
"name": "sap_student_life_cycle_management__slcm_",
"product_id": "CSAFPID-1614220",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_student_life_cycle_management__slcm_:807:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sap_student_life_cycle_management__slcm_",
"product": {
"name": "sap_student_life_cycle_management__slcm_",
"product_id": "CSAFPID-1614221",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap_se:sap_student_life_cycle_management__slcm_:808:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "sap_se"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-3587",
"cwe": {
"id": "CWE-325",
"name": "Missing Cryptographic Step"
},
"notes": [
{
"category": "other",
"text": "Missing Cryptographic Step",
"title": "CWE-325"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1498297",
"CSAFPID-382448"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2013-3587",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2013/CVE-2013-3587.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1498297",
"CSAFPID-382448"
]
}
],
"title": "CVE-2013-3587"
},
{
"cve": "CVE-2024-41728",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173007",
"CSAFPID-173009",
"CSAFPID-173010",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74448",
"CSAFPID-74436",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-74453",
"CSAFPID-74434",
"CSAFPID-74449",
"CSAFPID-74432",
"CSAFPID-340930",
"CSAFPID-1637232",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-41728",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41728.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173007",
"CSAFPID-173009",
"CSAFPID-173010",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74448",
"CSAFPID-74436",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-74453",
"CSAFPID-74434",
"CSAFPID-74449",
"CSAFPID-74432",
"CSAFPID-340930",
"CSAFPID-1637232",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-41728"
},
{
"cve": "CVE-2024-41729",
"cwe": {
"id": "CWE-359",
"name": "Exposure of Private Personal Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Private Personal Information to an Unauthorized Actor",
"title": "CWE-359"
},
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1637093",
"CSAFPID-1637094",
"CSAFPID-1637095",
"CSAFPID-1637096",
"CSAFPID-1637097",
"CSAFPID-1637098",
"CSAFPID-1637099",
"CSAFPID-1637100",
"CSAFPID-1637101",
"CSAFPID-1637102",
"CSAFPID-1637103",
"CSAFPID-1637104",
"CSAFPID-1637105",
"CSAFPID-1637106",
"CSAFPID-1637107",
"CSAFPID-1637108",
"CSAFPID-1637109",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-41729",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41729.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1637093",
"CSAFPID-1637094",
"CSAFPID-1637095",
"CSAFPID-1637096",
"CSAFPID-1637097",
"CSAFPID-1637098",
"CSAFPID-1637099",
"CSAFPID-1637100",
"CSAFPID-1637101",
"CSAFPID-1637102",
"CSAFPID-1637103",
"CSAFPID-1637104",
"CSAFPID-1637105",
"CSAFPID-1637106",
"CSAFPID-1637107",
"CSAFPID-1637108",
"CSAFPID-1637109",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-41729"
},
{
"cve": "CVE-2024-42371",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173007",
"CSAFPID-173009",
"CSAFPID-173010",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74448",
"CSAFPID-74436",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-74453",
"CSAFPID-74434",
"CSAFPID-74449",
"CSAFPID-74432",
"CSAFPID-340930",
"CSAFPID-1637232",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-42371",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42371.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173007",
"CSAFPID-173009",
"CSAFPID-173010",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74448",
"CSAFPID-74436",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-74453",
"CSAFPID-74434",
"CSAFPID-74449",
"CSAFPID-74432",
"CSAFPID-340930",
"CSAFPID-1637232",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-42371"
},
{
"cve": "CVE-2024-42378",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1637110",
"CSAFPID-1637111",
"CSAFPID-1637112",
"CSAFPID-1637113",
"CSAFPID-1637114",
"CSAFPID-1637115",
"CSAFPID-1637116",
"CSAFPID-1637117",
"CSAFPID-1637118",
"CSAFPID-1637119",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-42378",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42378.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1637110",
"CSAFPID-1637111",
"CSAFPID-1637112",
"CSAFPID-1637113",
"CSAFPID-1637114",
"CSAFPID-1637115",
"CSAFPID-1637116",
"CSAFPID-1637117",
"CSAFPID-1637118",
"CSAFPID-1637119",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-42378"
},
{
"cve": "CVE-2024-42380",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74432",
"CSAFPID-173009",
"CSAFPID-340930",
"CSAFPID-173010",
"CSAFPID-74448",
"CSAFPID-74449",
"CSAFPID-74434",
"CSAFPID-1637232",
"CSAFPID-173007",
"CSAFPID-74436",
"CSAFPID-74453",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-42380",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42380.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74432",
"CSAFPID-173009",
"CSAFPID-340930",
"CSAFPID-173010",
"CSAFPID-74448",
"CSAFPID-74449",
"CSAFPID-74434",
"CSAFPID-1637232",
"CSAFPID-173007",
"CSAFPID-74436",
"CSAFPID-74453",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-42380"
},
{
"cve": "CVE-2024-44112",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1637153",
"CSAFPID-1637154",
"CSAFPID-1637155",
"CSAFPID-1637156",
"CSAFPID-1637157",
"CSAFPID-1637158",
"CSAFPID-1637159",
"CSAFPID-1637160",
"CSAFPID-1637161",
"CSAFPID-1637162",
"CSAFPID-1637163",
"CSAFPID-1637164",
"CSAFPID-1637165",
"CSAFPID-1637166",
"CSAFPID-1637167",
"CSAFPID-1498297",
"CSAFPID-1642792",
"CSAFPID-1642793",
"CSAFPID-1642794",
"CSAFPID-1642795",
"CSAFPID-1642796",
"CSAFPID-1642797",
"CSAFPID-1642798",
"CSAFPID-1642799",
"CSAFPID-1642800",
"CSAFPID-1642801",
"CSAFPID-1642802",
"CSAFPID-1642803",
"CSAFPID-1642804",
"CSAFPID-1642805",
"CSAFPID-1642806"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44112",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44112.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1637153",
"CSAFPID-1637154",
"CSAFPID-1637155",
"CSAFPID-1637156",
"CSAFPID-1637157",
"CSAFPID-1637158",
"CSAFPID-1637159",
"CSAFPID-1637160",
"CSAFPID-1637161",
"CSAFPID-1637162",
"CSAFPID-1637163",
"CSAFPID-1637164",
"CSAFPID-1637165",
"CSAFPID-1637166",
"CSAFPID-1637167",
"CSAFPID-1498297",
"CSAFPID-1642792",
"CSAFPID-1642793",
"CSAFPID-1642794",
"CSAFPID-1642795",
"CSAFPID-1642796",
"CSAFPID-1642797",
"CSAFPID-1642798",
"CSAFPID-1642799",
"CSAFPID-1642800",
"CSAFPID-1642801",
"CSAFPID-1642802",
"CSAFPID-1642803",
"CSAFPID-1642804",
"CSAFPID-1642805",
"CSAFPID-1642806"
]
}
],
"title": "CVE-2024-44112"
},
{
"cve": "CVE-2024-44113",
"cwe": {
"id": "CWE-359",
"name": "Exposure of Private Personal Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Private Personal Information to an Unauthorized Actor",
"title": "CWE-359"
},
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1637073",
"CSAFPID-1637074",
"CSAFPID-1637075",
"CSAFPID-1637076",
"CSAFPID-1637077",
"CSAFPID-1637078",
"CSAFPID-1637079",
"CSAFPID-1637080",
"CSAFPID-1637081",
"CSAFPID-1637082",
"CSAFPID-1637083",
"CSAFPID-1637084",
"CSAFPID-1637085",
"CSAFPID-1637086",
"CSAFPID-1637087",
"CSAFPID-1637088",
"CSAFPID-1637089",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44113",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44113.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1637073",
"CSAFPID-1637074",
"CSAFPID-1637075",
"CSAFPID-1637076",
"CSAFPID-1637077",
"CSAFPID-1637078",
"CSAFPID-1637079",
"CSAFPID-1637080",
"CSAFPID-1637081",
"CSAFPID-1637082",
"CSAFPID-1637083",
"CSAFPID-1637084",
"CSAFPID-1637085",
"CSAFPID-1637086",
"CSAFPID-1637087",
"CSAFPID-1637088",
"CSAFPID-1637089",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-44113"
},
{
"cve": "CVE-2024-44114",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"notes": [
{
"category": "other",
"text": "Incorrect Authorization",
"title": "CWE-863"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173010",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74448",
"CSAFPID-74436",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-74453",
"CSAFPID-74434",
"CSAFPID-74449",
"CSAFPID-74432",
"CSAFPID-340930",
"CSAFPID-1637232",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44114",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44114.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173010",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74448",
"CSAFPID-74436",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-74453",
"CSAFPID-74434",
"CSAFPID-74449",
"CSAFPID-74432",
"CSAFPID-340930",
"CSAFPID-1637232",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-44114"
},
{
"cve": "CVE-2024-44115",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74432",
"CSAFPID-173009",
"CSAFPID-340930",
"CSAFPID-173010",
"CSAFPID-74448",
"CSAFPID-74449",
"CSAFPID-74434",
"CSAFPID-1637232",
"CSAFPID-173007",
"CSAFPID-74436",
"CSAFPID-74453",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44115",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44115.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74432",
"CSAFPID-173009",
"CSAFPID-340930",
"CSAFPID-173010",
"CSAFPID-74448",
"CSAFPID-74449",
"CSAFPID-74434",
"CSAFPID-1637232",
"CSAFPID-173007",
"CSAFPID-74436",
"CSAFPID-74453",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-44115"
},
{
"cve": "CVE-2024-44116",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74432",
"CSAFPID-173009",
"CSAFPID-340930",
"CSAFPID-173010",
"CSAFPID-74448",
"CSAFPID-74449",
"CSAFPID-74434",
"CSAFPID-1637232",
"CSAFPID-173007",
"CSAFPID-74436",
"CSAFPID-74453",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44116",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44116.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74432",
"CSAFPID-173009",
"CSAFPID-340930",
"CSAFPID-173010",
"CSAFPID-74448",
"CSAFPID-74449",
"CSAFPID-74434",
"CSAFPID-1637232",
"CSAFPID-173007",
"CSAFPID-74436",
"CSAFPID-74453",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-44116"
},
{
"cve": "CVE-2024-44117",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173007",
"CSAFPID-173009",
"CSAFPID-173010",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74448",
"CSAFPID-74436",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-74453",
"CSAFPID-74434",
"CSAFPID-74449",
"CSAFPID-74432",
"CSAFPID-340930",
"CSAFPID-1637232",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44117",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44117.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173007",
"CSAFPID-173009",
"CSAFPID-173010",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74448",
"CSAFPID-74436",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-74453",
"CSAFPID-74434",
"CSAFPID-74449",
"CSAFPID-74432",
"CSAFPID-340930",
"CSAFPID-1637232",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-44117"
},
{
"cve": "CVE-2024-44120",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1550602",
"CSAFPID-55577",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44120",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44120.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1550602",
"CSAFPID-55577",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-44120"
},
{
"cve": "CVE-2024-44121",
"cwe": {
"id": "CWE-213",
"name": "Exposure of Sensitive Information Due to Incompatible Policies"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information Due to Incompatible Policies",
"title": "CWE-213"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1637136",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-44121",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44121.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1637136",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-44121"
},
{
"cve": "CVE-2024-45279",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1637137",
"CSAFPID-1637138",
"CSAFPID-1637139",
"CSAFPID-1637140",
"CSAFPID-1637141",
"CSAFPID-1637142",
"CSAFPID-1637143",
"CSAFPID-1637144",
"CSAFPID-1637145",
"CSAFPID-1637146",
"CSAFPID-1637147",
"CSAFPID-1637148",
"CSAFPID-1637149",
"CSAFPID-1637150",
"CSAFPID-1637151",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45279",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45279.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1637137",
"CSAFPID-1637138",
"CSAFPID-1637139",
"CSAFPID-1637140",
"CSAFPID-1637141",
"CSAFPID-1637142",
"CSAFPID-1637143",
"CSAFPID-1637144",
"CSAFPID-1637145",
"CSAFPID-1637146",
"CSAFPID-1637147",
"CSAFPID-1637148",
"CSAFPID-1637149",
"CSAFPID-1637150",
"CSAFPID-1637151",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-45279"
},
{
"cve": "CVE-2024-45280",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1637152",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45280",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45280.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1637152",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-45280"
},
{
"cve": "CVE-2024-45281",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"notes": [
{
"category": "other",
"text": "Untrusted Search Path",
"title": "CWE-426"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1464457",
"CSAFPID-55202",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45281",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45281.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1464457",
"CSAFPID-55202",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-45281"
},
{
"cve": "CVE-2024-45283",
"cwe": {
"id": "CWE-256",
"name": "Plaintext Storage of a Password"
},
"notes": [
{
"category": "other",
"text": "Plaintext Storage of a Password",
"title": "CWE-256"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1637194",
"CSAFPID-164614",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45283",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45283.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1637194",
"CSAFPID-164614",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-45283"
},
{
"cve": "CVE-2024-45284",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1614213",
"CSAFPID-1614214",
"CSAFPID-1637190",
"CSAFPID-1614215",
"CSAFPID-1614216",
"CSAFPID-1614217",
"CSAFPID-1614218",
"CSAFPID-1614219",
"CSAFPID-1614220",
"CSAFPID-1614221",
"CSAFPID-1614510",
"CSAFPID-1475927",
"CSAFPID-1475928",
"CSAFPID-1475929",
"CSAFPID-1475930",
"CSAFPID-1475931",
"CSAFPID-1475932",
"CSAFPID-1475933",
"CSAFPID-1475934",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45284",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45284.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-1614213",
"CSAFPID-1614214",
"CSAFPID-1637190",
"CSAFPID-1614215",
"CSAFPID-1614216",
"CSAFPID-1614217",
"CSAFPID-1614218",
"CSAFPID-1614219",
"CSAFPID-1614220",
"CSAFPID-1614221",
"CSAFPID-1614510",
"CSAFPID-1475927",
"CSAFPID-1475928",
"CSAFPID-1475929",
"CSAFPID-1475930",
"CSAFPID-1475931",
"CSAFPID-1475932",
"CSAFPID-1475933",
"CSAFPID-1475934",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-45284"
},
{
"cve": "CVE-2024-45285",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173007",
"CSAFPID-173009",
"CSAFPID-173010",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74448",
"CSAFPID-74436",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-74453",
"CSAFPID-74434",
"CSAFPID-74449",
"CSAFPID-74432",
"CSAFPID-340930",
"CSAFPID-1637232",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45285",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45285.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1559119",
"CSAFPID-1559120",
"CSAFPID-1559121",
"CSAFPID-1559125",
"CSAFPID-1559126",
"CSAFPID-1559127",
"CSAFPID-1559128",
"CSAFPID-1559129",
"CSAFPID-1559130",
"CSAFPID-1559131",
"CSAFPID-1559132",
"CSAFPID-1559133",
"CSAFPID-1637090",
"CSAFPID-1637091",
"CSAFPID-1637092",
"CSAFPID-173007",
"CSAFPID-173009",
"CSAFPID-173010",
"CSAFPID-173004",
"CSAFPID-74446",
"CSAFPID-74448",
"CSAFPID-74436",
"CSAFPID-74454",
"CSAFPID-74442",
"CSAFPID-74453",
"CSAFPID-74434",
"CSAFPID-74449",
"CSAFPID-74432",
"CSAFPID-340930",
"CSAFPID-1637232",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-45285"
},
{
"cve": "CVE-2024-45286",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1637168",
"CSAFPID-1637169",
"CSAFPID-1637170",
"CSAFPID-1637171",
"CSAFPID-1637172",
"CSAFPID-1637173",
"CSAFPID-1637174",
"CSAFPID-1637175",
"CSAFPID-1637176",
"CSAFPID-1637177",
"CSAFPID-1637178",
"CSAFPID-1637179",
"CSAFPID-1637180",
"CSAFPID-1637181",
"CSAFPID-1498297"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45286",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45286.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1637168",
"CSAFPID-1637169",
"CSAFPID-1637170",
"CSAFPID-1637171",
"CSAFPID-1637172",
"CSAFPID-1637173",
"CSAFPID-1637174",
"CSAFPID-1637175",
"CSAFPID-1637176",
"CSAFPID-1637177",
"CSAFPID-1637178",
"CSAFPID-1637179",
"CSAFPID-1637180",
"CSAFPID-1637181",
"CSAFPID-1498297"
]
}
],
"title": "CVE-2024-45286"
}
]
}
FKIE_CVE-2024-45283
Vulnerability from fkie_nvd - Published: 2024-09-10 05:15 - Updated: 2024-09-10 12:09
Severity ?
Summary
SAP NetWeaver AS for Java allows an authorized attacker to obtain sensitive information. The attacker could obtain the username and password when creating an RFC destination. After successful exploitation, an attacker can read the sensitive information but cannot modify or delete the data.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP NetWeaver AS for Java allows an authorized attacker to obtain sensitive information. The attacker could obtain the username and password when creating an RFC destination. After successful exploitation, an attacker can read the sensitive information but cannot modify or delete the data."
},
{
"lang": "es",
"value": "SAP NetWeaver AS para Java permite a un atacante autorizado obtener informaci\u00f3n confidencial. El atacante podr\u00eda obtener el nombre de usuario y la contrase\u00f1a al crear un destino RFC. Despu\u00e9s de una explotaci\u00f3n exitosa, un atacante puede leer la informaci\u00f3n confidencial, pero no puede modificar ni eliminar los datos."
}
],
"id": "CVE-2024-45283",
"lastModified": "2024-09-10T12:09:50.377",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 4.0,
"source": "cna@sap.com",
"type": "Secondary"
}
]
},
"published": "2024-09-10T05:15:12.207",
"references": [
{
"source": "cna@sap.com",
"url": "https://me.sap.com/notes/3477359"
},
{
"source": "cna@sap.com",
"url": "https://url.sap/sapsecuritypatchday"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-256"
}
],
"source": "cna@sap.com",
"type": "Primary"
}
]
}
CERTFR-2024-AVI-0754
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits SAP. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une injection de code indirecte à distance (XSS) et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SAP | SAP pour Oil & Gas | SAP pour Oil & Gas versions 600, 602, 603, 604, 605, 606, 617, 618, 800, 802, 803, 804, 805, 806, 807 et 807 sans le dernier correctif de sécurité | ||
| SAP | Commerce Cloud | Commerce Cloud versions HY_COM 1808, 1811, 1905, 2005, 2105, 2011, 2205 et COM_CLOUD 2211 sans le dernier correctif de sécurité | ||
| SAP | Business Warehouse | Business Warehouse (BEx Analyzer) versions DW4CORE 200, DW4CORE 300, DW4CORE 400, SAP_BW 700, SAP_BW 701, SAP_BW 702, SAP_BW 731, SAP_BW 740, SAP_BW 750, SAP_BW 751, SAP_BW 752, SAP_BW 753, SAP_BW 754, SAP_BW 755, SAP_BW 756, SAP_BW 757 et SAP_BW 758 sans le dernier correctif de sécurité | ||
| SAP | S/4HANA (Manage Incoming Payment Files) | S/4 HANA version 900 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver BW | NetWeaver BW (BEx Analyzer) versions DW4CORE 200, DW4CORE 300, DW4CORE 400, SAP_BW 700, SAP_BW 701, SAP_BW 702, SAP_BW 731, SAP_BW 740, SAP_BW 750, SAP_BW 751, SAP_BW 752, SAP_BW 753, SAP_BW 754, SAP_BW 755, SAP_BW 756, SAP_BW 757 et SAP_BW 758 sans le dernier correctif de sécurité | ||
| SAP | SAP NetWeaver AS Java | NetWeaver AS pour Java (Destination Service et Logon Application) version 7.50 sans le dernier correctif de sécurité | ||
| SAP | SAP BusinessObjects Business Intelligence | BusinessObjects Business Intelligence Platform version 430 sans le dernier correctif de sécurité | ||
| SAP | SAP Student Life Cycle Management | Student Life Cycle Management (SLcM) versions 617, 618, 800, 802, 803, 804, 805, 806, 807 et 808 sans le dernier correctif de sécurité | ||
| SAP | SAP BusinessObjects Business Intelligence | BusinessObjects Business Intelligence Platform versions ENTERPRISE 430 et 440 sans le dernier correctif de sécurité | ||
| SAP | Replication Server | Replication Server versions 16.0.3 et 16.0.4 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver Application Server ABAP et ABAP Platform | SAP NetWeaver Application Server pour ABAP et ABAP Platform, Versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 758, 912 sans le dernier correctif de sécurité | ||
| SAP | Production et Revenue Accounting | Production et Revenue Accounting (Tobin interface) versions S4CEXT 106, S4CEXT 107, S4CEXT 108, IS-PRA 605, IS-PRA 606, IS-PRA 616, IS-PRA 617, IS-PRA 618, IS-PRA 800, IS-PRA 801, IS-PRA 802, IS-PRA 803, IS-PRA 804 et IS-PRA 805 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver Enterprise Portal | NetWeaver Enterprise Portal version 7.50 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver Application Server pour ABAP | NetWeaver Application Server pour ABAP (CRM Blueprint Application Builder Panel) versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75D, 75E, 75F, 75G, 75H et 75I sans le dernier correctif de sécurité | ||
| SAP | S/4HANA eProcurement | S/4HANA eProcurement versions SAP_APPL 606, SAP_APPL 617, SAP_APPL 618, S4CORE 102, S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107 et S4CORE 108 sans le dernier correctif de sécurité |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SAP pour Oil \u0026 Gas versions 600, 602, 603, 604, 605, 606, 617, 618, 800, 802, 803, 804, 805, 806, 807 et 807 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "SAP pour Oil \u0026 Gas",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Commerce Cloud versions HY_COM 1808, 1811, 1905, 2005, 2105, 2011, 2205 et COM_CLOUD 2211 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Commerce Cloud",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Business Warehouse (BEx Analyzer) versions DW4CORE 200, DW4CORE 300, DW4CORE 400, SAP_BW 700, SAP_BW 701, SAP_BW 702, SAP_BW 731, SAP_BW 740, SAP_BW 750, SAP_BW 751, SAP_BW 752, SAP_BW 753, SAP_BW 754, SAP_BW 755, SAP_BW 756, SAP_BW 757 et SAP_BW 758 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Business Warehouse",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "S/4 HANA version 900 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "S/4HANA (Manage Incoming Payment Files)",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver BW (BEx Analyzer) versions DW4CORE 200, DW4CORE 300, DW4CORE 400, SAP_BW 700, SAP_BW 701, SAP_BW 702, SAP_BW 731, SAP_BW 740, SAP_BW 750, SAP_BW 751, SAP_BW 752, SAP_BW 753, SAP_BW 754, SAP_BW 755, SAP_BW 756, SAP_BW 757 et SAP_BW 758 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver BW",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver AS pour Java (Destination Service et Logon Application) version 7.50 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "SAP NetWeaver AS Java",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "BusinessObjects Business Intelligence Platform version 430 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "SAP BusinessObjects Business Intelligence",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Student Life Cycle Management (SLcM) versions 617, 618, 800, 802, 803, 804, 805, 806, 807 et 808 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "SAP Student Life Cycle Management",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "BusinessObjects Business Intelligence Platform versions ENTERPRISE 430 et 440 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "SAP BusinessObjects Business Intelligence",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Replication Server versions 16.0.3 et 16.0.4 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Replication Server",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver Application Server pour ABAP et ABAP Platform, Versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 758, 912 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver Application Server ABAP et ABAP Platform",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Production et Revenue Accounting (Tobin interface) versions S4CEXT 106, S4CEXT 107, S4CEXT 108, IS-PRA 605, IS-PRA 606, IS-PRA 616, IS-PRA 617, IS-PRA 618, IS-PRA 800, IS-PRA 801, IS-PRA 802, IS-PRA 803, IS-PRA 804 et IS-PRA 805 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Production et Revenue Accounting",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver Enterprise Portal version 7.50 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver Enterprise Portal",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver Application Server pour ABAP (CRM Blueprint Application Builder Panel) versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75D, 75E, 75F, 75G, 75H et 75I sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver Application Server pour ABAP",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "S/4HANA eProcurement versions SAP_APPL 606, SAP_APPL 617, SAP_APPL 618, S4CORE 102, S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107 et S4CORE 108 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "S/4HANA eProcurement",
"vendor": {
"name": "SAP",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-45281",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45281"
},
{
"name": "CVE-2024-44115",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44115"
},
{
"name": "CVE-2024-45279",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45279"
},
{
"name": "CVE-2024-44117",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44117"
},
{
"name": "CVE-2024-33003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33003"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2024-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45285"
},
{
"name": "CVE-2024-45286",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45286"
},
{
"name": "CVE-2024-44116",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44116"
},
{
"name": "CVE-2024-44113",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44113"
},
{
"name": "CVE-2024-41729",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41729"
},
{
"name": "CVE-2024-44112",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44112"
},
{
"name": "CVE-2024-41728",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41728"
},
{
"name": "CVE-2024-42371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42371"
},
{
"name": "CVE-2024-42380",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42380"
},
{
"name": "CVE-2024-45280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45280"
},
{
"name": "CVE-2024-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45283"
},
{
"name": "CVE-2013-3587",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-3587"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2024-45284",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45284"
},
{
"name": "CVE-2024-44114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44114"
},
{
"name": "CVE-2024-41730",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41730"
},
{
"name": "CVE-2024-44121",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44121"
},
{
"name": "CVE-2024-42378",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42378"
},
{
"name": "CVE-2024-44120",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44120"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0754",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-09-10T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits SAP. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une injection de code indirecte \u00e0 distance (XSS) et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SAP",
"vendor_advisories": [
{
"published_at": "2024-09-09",
"title": "Bulletin de s\u00e9curit\u00e9 SAP",
"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/september-2024.html"
}
]
}
CERTFR-2024-AVI-0844
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits SAP. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une injection de code indirecte à distance (XSS) et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SAP | NetWeaver BW | NetWeaver BW (BEx Analyzer) versions DW4CORE 200, DW4CORE 300, DW4CORE 400, SAP_BW 700, SAP_BW 701, SAP_BW 702, SAP_BW 731, SAP_BW 740, SAP_BW 750, SAP_BW 751, SAP_BW 752, SAP_BW 753, SAP_BW 754, SAP_BW 755, SAP_BW 756, SAP_BW 757 et SAP_BW 758 sans le dernier correctif de sécurité | ||
| SAP | N/A | Commerce Backoffice versions HY_COM 2205 et COM_CLOUD 2211 sans le dernier correctif de sécurité | ||
| SAP | N/A | S/4 HANA (Manage Bank Statements) versions S4CORE, 102, 103, 104, 105, 106 et 107 sans le dernier correctif de sécurité | ||
| SAP | N/A | Student Life Cycle Management (SLcM) versions IS-PS-CA 617, 618, 802, 803, 804, 805, 806, 807 et 808 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver Enterprise Portal | NetWeaver Enterprise Portal (KMC) version KMC-BC 7.5 sans le dernier correctif de sécurité | ||
| SAP | N/A | PDCE versions S4CORE 102, 103, S4COREOP 104, 105, 106, 107 et 108 sans le dernier correctif de sécurité | ||
| SAP | N/A | BusinessObjects Business Intelligence Platform (Web Intelligence) versions ENTERPRISE 420, 430, 2025, ENTERPRISECLIENTTOOLS 420, 430 et 2025 sans le dernier correctif de sécurité | ||
| SAP | N/A | HANA Client version HDB_CLIENT 2.0 sans le dernier correctif de sécurité | ||
| SAP | N/A | NetWeaver AS for Java version 7.50 sans le dernier correctif de sécurité | ||
| SAP | N/A | SAP NetWeaver Application Server pour plateformes ABAP et ABAP versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757 et SAP_BASIS 758 sans le dernier correctif de sécurité | ||
| SAP | N/A | Enterprise Project Connection version 3.0 sans le dernier correctif de sécurité | ||
| SAP | N/A | BusinessObjects Business Intelligence Platform versions ENTERPRISE 420, 430 et 440 sans le dernier correctif de sécurité |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "NetWeaver BW (BEx Analyzer) versions DW4CORE 200, DW4CORE 300, DW4CORE 400, SAP_BW 700, SAP_BW 701, SAP_BW 702, SAP_BW 731, SAP_BW 740, SAP_BW 750, SAP_BW 751, SAP_BW 752, SAP_BW 753, SAP_BW 754, SAP_BW 755, SAP_BW 756, SAP_BW 757 et SAP_BW 758 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver BW",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Commerce Backoffice versions HY_COM 2205 et COM_CLOUD 2211 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "S/4 HANA (Manage Bank Statements) versions S4CORE, 102, 103, 104, 105, 106 et 107 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Student Life Cycle Management (SLcM) versions IS-PS-CA 617, 618, 802, 803, 804, 805, 806, 807 et 808 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver Enterprise Portal (KMC) version KMC-BC 7.5 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver Enterprise Portal",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "PDCE versions S4CORE 102, 103, S4COREOP 104, 105, 106, 107 et 108 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "BusinessObjects Business Intelligence Platform (Web Intelligence) versions ENTERPRISE 420, 430, 2025, ENTERPRISECLIENTTOOLS 420, 430 et 2025 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "HANA Client version HDB_CLIENT 2.0 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver AS for Java version 7.50 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver Application Server pour plateformes ABAP et ABAP versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757 et SAP_BASIS 758 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Enterprise Project Connection version 3.0 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "BusinessObjects Business Intelligence Platform versions ENTERPRISE 420, 430 et 440 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-45282",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45282"
},
{
"name": "CVE-2024-42373",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42373"
},
{
"name": "CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"name": "CVE-2024-41729",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41729"
},
{
"name": "CVE-2024-37180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37180"
},
{
"name": "CVE-2024-45278",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45278"
},
{
"name": "CVE-2024-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45283"
},
{
"name": "CVE-2024-45277",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45277"
},
{
"name": "CVE-2024-38808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
},
{
"name": "CVE-2024-47594",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47594"
},
{
"name": "CVE-2022-23302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23302"
},
{
"name": "CVE-2024-22259",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22259"
},
{
"name": "CVE-2024-39592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39592"
},
{
"name": "CVE-2024-41730",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41730"
},
{
"name": "CVE-2024-37179",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37179"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0844",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-10-08T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits SAP. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une injection de code indirecte \u00e0 distance (XSS) et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SAP",
"vendor_advisories": [
{
"published_at": "2024-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 SAP october-2024",
"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/october-2024.html"
}
]
}
CERTFR-2024-AVI-0844
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits SAP. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une injection de code indirecte à distance (XSS) et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SAP | NetWeaver BW | NetWeaver BW (BEx Analyzer) versions DW4CORE 200, DW4CORE 300, DW4CORE 400, SAP_BW 700, SAP_BW 701, SAP_BW 702, SAP_BW 731, SAP_BW 740, SAP_BW 750, SAP_BW 751, SAP_BW 752, SAP_BW 753, SAP_BW 754, SAP_BW 755, SAP_BW 756, SAP_BW 757 et SAP_BW 758 sans le dernier correctif de sécurité | ||
| SAP | N/A | Commerce Backoffice versions HY_COM 2205 et COM_CLOUD 2211 sans le dernier correctif de sécurité | ||
| SAP | N/A | S/4 HANA (Manage Bank Statements) versions S4CORE, 102, 103, 104, 105, 106 et 107 sans le dernier correctif de sécurité | ||
| SAP | N/A | Student Life Cycle Management (SLcM) versions IS-PS-CA 617, 618, 802, 803, 804, 805, 806, 807 et 808 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver Enterprise Portal | NetWeaver Enterprise Portal (KMC) version KMC-BC 7.5 sans le dernier correctif de sécurité | ||
| SAP | N/A | PDCE versions S4CORE 102, 103, S4COREOP 104, 105, 106, 107 et 108 sans le dernier correctif de sécurité | ||
| SAP | N/A | BusinessObjects Business Intelligence Platform (Web Intelligence) versions ENTERPRISE 420, 430, 2025, ENTERPRISECLIENTTOOLS 420, 430 et 2025 sans le dernier correctif de sécurité | ||
| SAP | N/A | HANA Client version HDB_CLIENT 2.0 sans le dernier correctif de sécurité | ||
| SAP | N/A | NetWeaver AS for Java version 7.50 sans le dernier correctif de sécurité | ||
| SAP | N/A | SAP NetWeaver Application Server pour plateformes ABAP et ABAP versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757 et SAP_BASIS 758 sans le dernier correctif de sécurité | ||
| SAP | N/A | Enterprise Project Connection version 3.0 sans le dernier correctif de sécurité | ||
| SAP | N/A | BusinessObjects Business Intelligence Platform versions ENTERPRISE 420, 430 et 440 sans le dernier correctif de sécurité |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "NetWeaver BW (BEx Analyzer) versions DW4CORE 200, DW4CORE 300, DW4CORE 400, SAP_BW 700, SAP_BW 701, SAP_BW 702, SAP_BW 731, SAP_BW 740, SAP_BW 750, SAP_BW 751, SAP_BW 752, SAP_BW 753, SAP_BW 754, SAP_BW 755, SAP_BW 756, SAP_BW 757 et SAP_BW 758 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver BW",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Commerce Backoffice versions HY_COM 2205 et COM_CLOUD 2211 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "S/4 HANA (Manage Bank Statements) versions S4CORE, 102, 103, 104, 105, 106 et 107 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Student Life Cycle Management (SLcM) versions IS-PS-CA 617, 618, 802, 803, 804, 805, 806, 807 et 808 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver Enterprise Portal (KMC) version KMC-BC 7.5 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver Enterprise Portal",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "PDCE versions S4CORE 102, 103, S4COREOP 104, 105, 106, 107 et 108 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "BusinessObjects Business Intelligence Platform (Web Intelligence) versions ENTERPRISE 420, 430, 2025, ENTERPRISECLIENTTOOLS 420, 430 et 2025 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "HANA Client version HDB_CLIENT 2.0 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver AS for Java version 7.50 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver Application Server pour plateformes ABAP et ABAP versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757 et SAP_BASIS 758 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Enterprise Project Connection version 3.0 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "BusinessObjects Business Intelligence Platform versions ENTERPRISE 420, 430 et 440 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-45282",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45282"
},
{
"name": "CVE-2024-42373",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42373"
},
{
"name": "CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"name": "CVE-2024-41729",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41729"
},
{
"name": "CVE-2024-37180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37180"
},
{
"name": "CVE-2024-45278",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45278"
},
{
"name": "CVE-2024-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45283"
},
{
"name": "CVE-2024-45277",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45277"
},
{
"name": "CVE-2024-38808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
},
{
"name": "CVE-2024-47594",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47594"
},
{
"name": "CVE-2022-23302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23302"
},
{
"name": "CVE-2024-22259",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22259"
},
{
"name": "CVE-2024-39592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39592"
},
{
"name": "CVE-2024-41730",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41730"
},
{
"name": "CVE-2024-37179",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37179"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0844",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-10-08T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits SAP. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une injection de code indirecte \u00e0 distance (XSS) et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SAP",
"vendor_advisories": [
{
"published_at": "2024-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 SAP october-2024",
"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/october-2024.html"
}
]
}
CERTFR-2024-AVI-0754
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits SAP. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une injection de code indirecte à distance (XSS) et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SAP | SAP pour Oil & Gas | SAP pour Oil & Gas versions 600, 602, 603, 604, 605, 606, 617, 618, 800, 802, 803, 804, 805, 806, 807 et 807 sans le dernier correctif de sécurité | ||
| SAP | Commerce Cloud | Commerce Cloud versions HY_COM 1808, 1811, 1905, 2005, 2105, 2011, 2205 et COM_CLOUD 2211 sans le dernier correctif de sécurité | ||
| SAP | Business Warehouse | Business Warehouse (BEx Analyzer) versions DW4CORE 200, DW4CORE 300, DW4CORE 400, SAP_BW 700, SAP_BW 701, SAP_BW 702, SAP_BW 731, SAP_BW 740, SAP_BW 750, SAP_BW 751, SAP_BW 752, SAP_BW 753, SAP_BW 754, SAP_BW 755, SAP_BW 756, SAP_BW 757 et SAP_BW 758 sans le dernier correctif de sécurité | ||
| SAP | S/4HANA (Manage Incoming Payment Files) | S/4 HANA version 900 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver BW | NetWeaver BW (BEx Analyzer) versions DW4CORE 200, DW4CORE 300, DW4CORE 400, SAP_BW 700, SAP_BW 701, SAP_BW 702, SAP_BW 731, SAP_BW 740, SAP_BW 750, SAP_BW 751, SAP_BW 752, SAP_BW 753, SAP_BW 754, SAP_BW 755, SAP_BW 756, SAP_BW 757 et SAP_BW 758 sans le dernier correctif de sécurité | ||
| SAP | SAP NetWeaver AS Java | NetWeaver AS pour Java (Destination Service et Logon Application) version 7.50 sans le dernier correctif de sécurité | ||
| SAP | SAP BusinessObjects Business Intelligence | BusinessObjects Business Intelligence Platform version 430 sans le dernier correctif de sécurité | ||
| SAP | SAP Student Life Cycle Management | Student Life Cycle Management (SLcM) versions 617, 618, 800, 802, 803, 804, 805, 806, 807 et 808 sans le dernier correctif de sécurité | ||
| SAP | SAP BusinessObjects Business Intelligence | BusinessObjects Business Intelligence Platform versions ENTERPRISE 430 et 440 sans le dernier correctif de sécurité | ||
| SAP | Replication Server | Replication Server versions 16.0.3 et 16.0.4 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver Application Server ABAP et ABAP Platform | SAP NetWeaver Application Server pour ABAP et ABAP Platform, Versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 758, 912 sans le dernier correctif de sécurité | ||
| SAP | Production et Revenue Accounting | Production et Revenue Accounting (Tobin interface) versions S4CEXT 106, S4CEXT 107, S4CEXT 108, IS-PRA 605, IS-PRA 606, IS-PRA 616, IS-PRA 617, IS-PRA 618, IS-PRA 800, IS-PRA 801, IS-PRA 802, IS-PRA 803, IS-PRA 804 et IS-PRA 805 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver Enterprise Portal | NetWeaver Enterprise Portal version 7.50 sans le dernier correctif de sécurité | ||
| SAP | NetWeaver Application Server pour ABAP | NetWeaver Application Server pour ABAP (CRM Blueprint Application Builder Panel) versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75D, 75E, 75F, 75G, 75H et 75I sans le dernier correctif de sécurité | ||
| SAP | S/4HANA eProcurement | S/4HANA eProcurement versions SAP_APPL 606, SAP_APPL 617, SAP_APPL 618, S4CORE 102, S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107 et S4CORE 108 sans le dernier correctif de sécurité |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SAP pour Oil \u0026 Gas versions 600, 602, 603, 604, 605, 606, 617, 618, 800, 802, 803, 804, 805, 806, 807 et 807 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "SAP pour Oil \u0026 Gas",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Commerce Cloud versions HY_COM 1808, 1811, 1905, 2005, 2105, 2011, 2205 et COM_CLOUD 2211 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Commerce Cloud",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Business Warehouse (BEx Analyzer) versions DW4CORE 200, DW4CORE 300, DW4CORE 400, SAP_BW 700, SAP_BW 701, SAP_BW 702, SAP_BW 731, SAP_BW 740, SAP_BW 750, SAP_BW 751, SAP_BW 752, SAP_BW 753, SAP_BW 754, SAP_BW 755, SAP_BW 756, SAP_BW 757 et SAP_BW 758 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Business Warehouse",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "S/4 HANA version 900 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "S/4HANA (Manage Incoming Payment Files)",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver BW (BEx Analyzer) versions DW4CORE 200, DW4CORE 300, DW4CORE 400, SAP_BW 700, SAP_BW 701, SAP_BW 702, SAP_BW 731, SAP_BW 740, SAP_BW 750, SAP_BW 751, SAP_BW 752, SAP_BW 753, SAP_BW 754, SAP_BW 755, SAP_BW 756, SAP_BW 757 et SAP_BW 758 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver BW",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver AS pour Java (Destination Service et Logon Application) version 7.50 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "SAP NetWeaver AS Java",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "BusinessObjects Business Intelligence Platform version 430 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "SAP BusinessObjects Business Intelligence",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Student Life Cycle Management (SLcM) versions 617, 618, 800, 802, 803, 804, 805, 806, 807 et 808 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "SAP Student Life Cycle Management",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "BusinessObjects Business Intelligence Platform versions ENTERPRISE 430 et 440 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "SAP BusinessObjects Business Intelligence",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Replication Server versions 16.0.3 et 16.0.4 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Replication Server",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver Application Server pour ABAP et ABAP Platform, Versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 758, 912 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver Application Server ABAP et ABAP Platform",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Production et Revenue Accounting (Tobin interface) versions S4CEXT 106, S4CEXT 107, S4CEXT 108, IS-PRA 605, IS-PRA 606, IS-PRA 616, IS-PRA 617, IS-PRA 618, IS-PRA 800, IS-PRA 801, IS-PRA 802, IS-PRA 803, IS-PRA 804 et IS-PRA 805 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Production et Revenue Accounting",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver Enterprise Portal version 7.50 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver Enterprise Portal",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "NetWeaver Application Server pour ABAP (CRM Blueprint Application Builder Panel) versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75D, 75E, 75F, 75G, 75H et 75I sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NetWeaver Application Server pour ABAP",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "S/4HANA eProcurement versions SAP_APPL 606, SAP_APPL 617, SAP_APPL 618, S4CORE 102, S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107 et S4CORE 108 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "S/4HANA eProcurement",
"vendor": {
"name": "SAP",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-45281",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45281"
},
{
"name": "CVE-2024-44115",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44115"
},
{
"name": "CVE-2024-45279",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45279"
},
{
"name": "CVE-2024-44117",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44117"
},
{
"name": "CVE-2024-33003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33003"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2024-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45285"
},
{
"name": "CVE-2024-45286",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45286"
},
{
"name": "CVE-2024-44116",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44116"
},
{
"name": "CVE-2024-44113",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44113"
},
{
"name": "CVE-2024-41729",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41729"
},
{
"name": "CVE-2024-44112",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44112"
},
{
"name": "CVE-2024-41728",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41728"
},
{
"name": "CVE-2024-42371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42371"
},
{
"name": "CVE-2024-42380",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42380"
},
{
"name": "CVE-2024-45280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45280"
},
{
"name": "CVE-2024-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45283"
},
{
"name": "CVE-2013-3587",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-3587"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2024-45284",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45284"
},
{
"name": "CVE-2024-44114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44114"
},
{
"name": "CVE-2024-41730",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41730"
},
{
"name": "CVE-2024-44121",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44121"
},
{
"name": "CVE-2024-42378",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42378"
},
{
"name": "CVE-2024-44120",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44120"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0754",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-09-10T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits SAP. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une injection de code indirecte \u00e0 distance (XSS) et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SAP",
"vendor_advisories": [
{
"published_at": "2024-09-09",
"title": "Bulletin de s\u00e9curit\u00e9 SAP",
"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/september-2024.html"
}
]
}
GHSA-36J4-JJHR-3M5R
Vulnerability from github – Published: 2024-09-10 06:30 – Updated: 2024-09-10 06:30
VLAI?
Details
SAP NetWeaver AS for Java allows an authorized attacker to obtain sensitive information. The attacker could obtain the username and password when creating an RFC destination. After successful exploitation, an attacker can read the sensitive information but cannot modify or delete the data.
Severity ?
6.0 (Medium)
{
"affected": [],
"aliases": [
"CVE-2024-45283"
],
"database_specific": {
"cwe_ids": [
"CWE-256"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-10T05:15:12Z",
"severity": "MODERATE"
},
"details": "SAP NetWeaver AS for Java allows an authorized attacker to obtain sensitive information. The attacker could obtain the username and password when creating an RFC destination. After successful exploitation, an attacker can read the sensitive information but cannot modify or delete the data.",
"id": "GHSA-36j4-jjhr-3m5r",
"modified": "2024-09-10T06:30:48Z",
"published": "2024-09-10T06:30:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45283"
},
{
"type": "WEB",
"url": "https://me.sap.com/notes/3477359"
},
{
"type": "WEB",
"url": "https://url.sap/sapsecuritypatchday"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…