NCSC-2025-0186
Vulnerability from csaf_ncscnl - Published: 2025-06-10 10:15 - Updated: 2025-06-10 10:15Summary
Kwetsbaarheden verholpen in SAP Producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten: SAP heeft kwetsbaarheden verholpen in diverse SAP producten als HANA, Business Objects en Netweaver.
Interpretaties: De kwetsbaarheden omvatten een gebrek aan autorisatiecontroles, waardoor aanvallers functies zonder beperkingen kunnen uitvoeren. Dit kan leiden tot ongeautoriseerde acties binnen de applicatie, wat de integriteit en vertrouwelijkheid in gevaar kan brengen. Daarnaast zijn er kwetsbaarheden die het mogelijk maken voor geauthenticeerde gebruikers om hun privileges te escaleren, wat kan resulteren in een significante compromittering van de applicatie. De aanwezigheid van Cross-Site Scripting (XSS) kwetsbaarheden stelt aanvallers in staat om kwaadaardige scripts op te slaan, wat de vertrouwelijkheid van gevoelige sessie-informatie in gevaar kan brengen. De noodzaak voor verbeterde beveiligingsmaatregelen en strikte toegangcontroles is duidelijk.
Oplossingen: SAP heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans: medium
Schade: high
CWE-590: Free of Memory not on the Heap
CWE-862: Missing Authorization
CWE-346: Origin Validation Error
CWE-918: Server-Side Request Forgery (SSRF)
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
5.4 (Medium)
Affected products
Known affected
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/758
SAP / NetWeaver
|
vers:unknown/758 | ||
|
vers:unknown/7.89
SAP / NetWeaver Application Server for ABAP
|
cpe:2.3:a:sap:netweaver_application_server_abap_kernel:7.89:*:*:*:*:*:*:*
|
vers:unknown/7.89 | |
|
vers:unknown/7.93
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/7.93 | ||
|
vers:unknown/9.14
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.14 | ||
|
vers:unknown/9.15
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.15 | ||
|
vers:unknown/grcpinwv1100_700
SAP / SAP GRC (AC Plugin)
|
vers:unknown/grcpinwv1100_700 | ||
|
vers:unknown/v1100_731
SAP / SAP GRC (AC Plugin)
|
vers:unknown/v1100_731 | ||
|
vers:unknown/sap_bw 750
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/sap_bw 750 | ||
|
vers:unknown/pi_basis 2006_1_700
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/pi_basis 2006_1_700 | ||
|
vers:unknown/915
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/915 | ||
|
vers:unknown/914
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/914 | ||
|
vers:unknown/758
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/758 | ||
|
vers:unknown/757
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/757 | ||
|
vers:unknown/756
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/756 | ||
|
vers:unknown/755
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/755 | ||
|
vers:unknown/754
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/754 | ||
|
vers:unknown/753
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/753 | ||
|
vers:unknown/752
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/752 | ||
|
vers:unknown/751
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/751 | ||
|
vers:unknown/740
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/740 | ||
|
vers:unknown/731
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/731 | ||
|
vers:unknown/702
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/702 | ||
|
vers:unknown/701
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/701 | ||
|
vers:unknown/2027
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2027 | ||
|
vers:unknown/2025
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2025 | ||
|
vers:unknown/enterprise 430
SAP / BusinessObjects Business Intelligence
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/7.50
SAP / NetWeaver Visual Composer
|
vers:unknown/7.50 | ||
|
vers:unknown/710.750
SAP / MDM Server
|
vers:unknown/710.750 | ||
|
vers:unknown/758
SAP / SAP S/4HANA (Enterprise Event Enablement)
|
vers:unknown/758 | ||
|
vers:unknown/sap_basis758
SAP / SAP NetWeaver (ABAP Keyword Documentation)
|
vers:unknown/sap_basis758 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/108 | ||
|
vers:unknown/s4core106
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/s4core106 | ||
|
vers:unknown/b1_on_hana 10.0
SAP / Business One Integration Framework
|
vers:unknown/b1_on_hana 10.0 | ||
|
vers:unknown/sap-m-bo 10.0
SAP / Business One Integration Framework
|
vers:unknown/sap-m-bo 10.0 | ||
|
vers:unknown/105
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/105 | ||
|
vers:unknown/106
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/106 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/108 | ||
|
vers:unknown/s4core104
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/s4core104 | ||
|
vers:unknown/2025
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2025 | ||
|
vers:unknown/2027
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2027 | ||
|
vers:unknown/enterprise 430
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/754
SAP / SAPUI5 applications
|
vers:unknown/754 | ||
|
vers:unknown/755
SAP / SAPUI5 applications
|
vers:unknown/755 | ||
|
vers:unknown/756
SAP / SAPUI5 applications
|
vers:unknown/756 | ||
|
vers:unknown/757
SAP / SAPUI5 applications
|
vers:unknown/757 | ||
|
vers:unknown/758
SAP / SAPUI5 applications
|
vers:unknown/758 |
5.3 (Medium)
Affected products
Known affected
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/758
SAP / NetWeaver
|
vers:unknown/758 | ||
|
vers:unknown/7.89
SAP / NetWeaver Application Server for ABAP
|
cpe:2.3:a:sap:netweaver_application_server_abap_kernel:7.89:*:*:*:*:*:*:*
|
vers:unknown/7.89 | |
|
vers:unknown/7.93
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/7.93 | ||
|
vers:unknown/9.14
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.14 | ||
|
vers:unknown/9.15
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.15 | ||
|
vers:unknown/grcpinwv1100_700
SAP / SAP GRC (AC Plugin)
|
vers:unknown/grcpinwv1100_700 | ||
|
vers:unknown/v1100_731
SAP / SAP GRC (AC Plugin)
|
vers:unknown/v1100_731 | ||
|
vers:unknown/sap_bw 750
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/sap_bw 750 | ||
|
vers:unknown/pi_basis 2006_1_700
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/pi_basis 2006_1_700 | ||
|
vers:unknown/915
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/915 | ||
|
vers:unknown/914
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/914 | ||
|
vers:unknown/758
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/758 | ||
|
vers:unknown/757
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/757 | ||
|
vers:unknown/756
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/756 | ||
|
vers:unknown/755
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/755 | ||
|
vers:unknown/754
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/754 | ||
|
vers:unknown/753
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/753 | ||
|
vers:unknown/752
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/752 | ||
|
vers:unknown/751
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/751 | ||
|
vers:unknown/740
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/740 | ||
|
vers:unknown/731
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/731 | ||
|
vers:unknown/702
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/702 | ||
|
vers:unknown/701
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/701 | ||
|
vers:unknown/2027
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2027 | ||
|
vers:unknown/2025
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2025 | ||
|
vers:unknown/enterprise 430
SAP / BusinessObjects Business Intelligence
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/7.50
SAP / NetWeaver Visual Composer
|
vers:unknown/7.50 | ||
|
vers:unknown/710.750
SAP / MDM Server
|
vers:unknown/710.750 | ||
|
vers:unknown/758
SAP / SAP S/4HANA (Enterprise Event Enablement)
|
vers:unknown/758 | ||
|
vers:unknown/sap_basis758
SAP / SAP NetWeaver (ABAP Keyword Documentation)
|
vers:unknown/sap_basis758 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/108 | ||
|
vers:unknown/s4core106
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/s4core106 | ||
|
vers:unknown/b1_on_hana 10.0
SAP / Business One Integration Framework
|
vers:unknown/b1_on_hana 10.0 | ||
|
vers:unknown/sap-m-bo 10.0
SAP / Business One Integration Framework
|
vers:unknown/sap-m-bo 10.0 | ||
|
vers:unknown/105
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/105 | ||
|
vers:unknown/106
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/106 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/108 | ||
|
vers:unknown/s4core104
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/s4core104 | ||
|
vers:unknown/2025
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2025 | ||
|
vers:unknown/2027
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2027 | ||
|
vers:unknown/enterprise 430
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/754
SAP / SAPUI5 applications
|
vers:unknown/754 | ||
|
vers:unknown/755
SAP / SAPUI5 applications
|
vers:unknown/755 | ||
|
vers:unknown/756
SAP / SAPUI5 applications
|
vers:unknown/756 | ||
|
vers:unknown/757
SAP / SAPUI5 applications
|
vers:unknown/757 | ||
|
vers:unknown/758
SAP / SAPUI5 applications
|
vers:unknown/758 |
4.3 (Medium)
Affected products
Known affected
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/758
SAP / NetWeaver
|
vers:unknown/758 | ||
|
vers:unknown/7.89
SAP / NetWeaver Application Server for ABAP
|
cpe:2.3:a:sap:netweaver_application_server_abap_kernel:7.89:*:*:*:*:*:*:*
|
vers:unknown/7.89 | |
|
vers:unknown/7.93
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/7.93 | ||
|
vers:unknown/9.14
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.14 | ||
|
vers:unknown/9.15
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.15 | ||
|
vers:unknown/grcpinwv1100_700
SAP / SAP GRC (AC Plugin)
|
vers:unknown/grcpinwv1100_700 | ||
|
vers:unknown/v1100_731
SAP / SAP GRC (AC Plugin)
|
vers:unknown/v1100_731 | ||
|
vers:unknown/sap_bw 750
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/sap_bw 750 | ||
|
vers:unknown/pi_basis 2006_1_700
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/pi_basis 2006_1_700 | ||
|
vers:unknown/915
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/915 | ||
|
vers:unknown/914
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/914 | ||
|
vers:unknown/758
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/758 | ||
|
vers:unknown/757
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/757 | ||
|
vers:unknown/756
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/756 | ||
|
vers:unknown/755
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/755 | ||
|
vers:unknown/754
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/754 | ||
|
vers:unknown/753
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/753 | ||
|
vers:unknown/752
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/752 | ||
|
vers:unknown/751
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/751 | ||
|
vers:unknown/740
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/740 | ||
|
vers:unknown/731
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/731 | ||
|
vers:unknown/702
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/702 | ||
|
vers:unknown/701
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/701 | ||
|
vers:unknown/2027
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2027 | ||
|
vers:unknown/2025
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2025 | ||
|
vers:unknown/enterprise 430
SAP / BusinessObjects Business Intelligence
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/7.50
SAP / NetWeaver Visual Composer
|
vers:unknown/7.50 | ||
|
vers:unknown/710.750
SAP / MDM Server
|
vers:unknown/710.750 | ||
|
vers:unknown/758
SAP / SAP S/4HANA (Enterprise Event Enablement)
|
vers:unknown/758 | ||
|
vers:unknown/sap_basis758
SAP / SAP NetWeaver (ABAP Keyword Documentation)
|
vers:unknown/sap_basis758 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/108 | ||
|
vers:unknown/s4core106
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/s4core106 | ||
|
vers:unknown/b1_on_hana 10.0
SAP / Business One Integration Framework
|
vers:unknown/b1_on_hana 10.0 | ||
|
vers:unknown/sap-m-bo 10.0
SAP / Business One Integration Framework
|
vers:unknown/sap-m-bo 10.0 | ||
|
vers:unknown/105
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/105 | ||
|
vers:unknown/106
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/106 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/108 | ||
|
vers:unknown/s4core104
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/s4core104 | ||
|
vers:unknown/2025
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2025 | ||
|
vers:unknown/2027
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2027 | ||
|
vers:unknown/enterprise 430
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/754
SAP / SAPUI5 applications
|
vers:unknown/754 | ||
|
vers:unknown/755
SAP / SAPUI5 applications
|
vers:unknown/755 | ||
|
vers:unknown/756
SAP / SAPUI5 applications
|
vers:unknown/756 | ||
|
vers:unknown/757
SAP / SAPUI5 applications
|
vers:unknown/757 | ||
|
vers:unknown/758
SAP / SAPUI5 applications
|
vers:unknown/758 |
9.6 (Critical)
Affected products
Known affected
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/758
SAP / NetWeaver
|
vers:unknown/758 | ||
|
vers:unknown/7.89
SAP / NetWeaver Application Server for ABAP
|
cpe:2.3:a:sap:netweaver_application_server_abap_kernel:7.89:*:*:*:*:*:*:*
|
vers:unknown/7.89 | |
|
vers:unknown/7.93
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/7.93 | ||
|
vers:unknown/9.14
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.14 | ||
|
vers:unknown/9.15
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.15 | ||
|
vers:unknown/grcpinwv1100_700
SAP / SAP GRC (AC Plugin)
|
vers:unknown/grcpinwv1100_700 | ||
|
vers:unknown/v1100_731
SAP / SAP GRC (AC Plugin)
|
vers:unknown/v1100_731 | ||
|
vers:unknown/sap_bw 750
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/sap_bw 750 | ||
|
vers:unknown/pi_basis 2006_1_700
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/pi_basis 2006_1_700 | ||
|
vers:unknown/915
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/915 | ||
|
vers:unknown/914
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/914 | ||
|
vers:unknown/758
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/758 | ||
|
vers:unknown/757
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/757 | ||
|
vers:unknown/756
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/756 | ||
|
vers:unknown/755
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/755 | ||
|
vers:unknown/754
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/754 | ||
|
vers:unknown/753
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/753 | ||
|
vers:unknown/752
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/752 | ||
|
vers:unknown/751
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/751 | ||
|
vers:unknown/740
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/740 | ||
|
vers:unknown/731
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/731 | ||
|
vers:unknown/702
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/702 | ||
|
vers:unknown/701
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/701 | ||
|
vers:unknown/2027
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2027 | ||
|
vers:unknown/2025
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2025 | ||
|
vers:unknown/enterprise 430
SAP / BusinessObjects Business Intelligence
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/7.50
SAP / NetWeaver Visual Composer
|
vers:unknown/7.50 | ||
|
vers:unknown/710.750
SAP / MDM Server
|
vers:unknown/710.750 | ||
|
vers:unknown/758
SAP / SAP S/4HANA (Enterprise Event Enablement)
|
vers:unknown/758 | ||
|
vers:unknown/sap_basis758
SAP / SAP NetWeaver (ABAP Keyword Documentation)
|
vers:unknown/sap_basis758 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/108 | ||
|
vers:unknown/s4core106
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/s4core106 | ||
|
vers:unknown/b1_on_hana 10.0
SAP / Business One Integration Framework
|
vers:unknown/b1_on_hana 10.0 | ||
|
vers:unknown/sap-m-bo 10.0
SAP / Business One Integration Framework
|
vers:unknown/sap-m-bo 10.0 | ||
|
vers:unknown/105
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/105 | ||
|
vers:unknown/106
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/106 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/108 | ||
|
vers:unknown/s4core104
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/s4core104 | ||
|
vers:unknown/2025
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2025 | ||
|
vers:unknown/2027
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2027 | ||
|
vers:unknown/enterprise 430
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/754
SAP / SAPUI5 applications
|
vers:unknown/754 | ||
|
vers:unknown/755
SAP / SAPUI5 applications
|
vers:unknown/755 | ||
|
vers:unknown/756
SAP / SAPUI5 applications
|
vers:unknown/756 | ||
|
vers:unknown/757
SAP / SAPUI5 applications
|
vers:unknown/757 | ||
|
vers:unknown/758
SAP / SAPUI5 applications
|
vers:unknown/758 |
8.8 (High)
Affected products
Known affected
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/758
SAP / NetWeaver
|
vers:unknown/758 | ||
|
vers:unknown/7.89
SAP / NetWeaver Application Server for ABAP
|
cpe:2.3:a:sap:netweaver_application_server_abap_kernel:7.89:*:*:*:*:*:*:*
|
vers:unknown/7.89 | |
|
vers:unknown/7.93
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/7.93 | ||
|
vers:unknown/9.14
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.14 | ||
|
vers:unknown/9.15
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.15 | ||
|
vers:unknown/grcpinwv1100_700
SAP / SAP GRC (AC Plugin)
|
vers:unknown/grcpinwv1100_700 | ||
|
vers:unknown/v1100_731
SAP / SAP GRC (AC Plugin)
|
vers:unknown/v1100_731 | ||
|
vers:unknown/sap_bw 750
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/sap_bw 750 | ||
|
vers:unknown/pi_basis 2006_1_700
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/pi_basis 2006_1_700 | ||
|
vers:unknown/915
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/915 | ||
|
vers:unknown/914
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/914 | ||
|
vers:unknown/758
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/758 | ||
|
vers:unknown/757
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/757 | ||
|
vers:unknown/756
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/756 | ||
|
vers:unknown/755
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/755 | ||
|
vers:unknown/754
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/754 | ||
|
vers:unknown/753
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/753 | ||
|
vers:unknown/752
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/752 | ||
|
vers:unknown/751
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/751 | ||
|
vers:unknown/740
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/740 | ||
|
vers:unknown/731
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/731 | ||
|
vers:unknown/702
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/702 | ||
|
vers:unknown/701
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/701 | ||
|
vers:unknown/2027
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2027 | ||
|
vers:unknown/2025
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2025 | ||
|
vers:unknown/enterprise 430
SAP / BusinessObjects Business Intelligence
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/7.50
SAP / NetWeaver Visual Composer
|
vers:unknown/7.50 | ||
|
vers:unknown/710.750
SAP / MDM Server
|
vers:unknown/710.750 | ||
|
vers:unknown/758
SAP / SAP S/4HANA (Enterprise Event Enablement)
|
vers:unknown/758 | ||
|
vers:unknown/sap_basis758
SAP / SAP NetWeaver (ABAP Keyword Documentation)
|
vers:unknown/sap_basis758 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/108 | ||
|
vers:unknown/s4core106
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/s4core106 | ||
|
vers:unknown/b1_on_hana 10.0
SAP / Business One Integration Framework
|
vers:unknown/b1_on_hana 10.0 | ||
|
vers:unknown/sap-m-bo 10.0
SAP / Business One Integration Framework
|
vers:unknown/sap-m-bo 10.0 | ||
|
vers:unknown/105
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/105 | ||
|
vers:unknown/106
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/106 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/108 | ||
|
vers:unknown/s4core104
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/s4core104 | ||
|
vers:unknown/2025
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2025 | ||
|
vers:unknown/2027
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2027 | ||
|
vers:unknown/enterprise 430
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/754
SAP / SAPUI5 applications
|
vers:unknown/754 | ||
|
vers:unknown/755
SAP / SAPUI5 applications
|
vers:unknown/755 | ||
|
vers:unknown/756
SAP / SAPUI5 applications
|
vers:unknown/756 | ||
|
vers:unknown/757
SAP / SAPUI5 applications
|
vers:unknown/757 | ||
|
vers:unknown/758
SAP / SAPUI5 applications
|
vers:unknown/758 |
8.5 (High)
Affected products
Known affected
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/758
SAP / NetWeaver
|
vers:unknown/758 | ||
|
vers:unknown/7.89
SAP / NetWeaver Application Server for ABAP
|
cpe:2.3:a:sap:netweaver_application_server_abap_kernel:7.89:*:*:*:*:*:*:*
|
vers:unknown/7.89 | |
|
vers:unknown/7.93
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/7.93 | ||
|
vers:unknown/9.14
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.14 | ||
|
vers:unknown/9.15
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.15 | ||
|
vers:unknown/grcpinwv1100_700
SAP / SAP GRC (AC Plugin)
|
vers:unknown/grcpinwv1100_700 | ||
|
vers:unknown/v1100_731
SAP / SAP GRC (AC Plugin)
|
vers:unknown/v1100_731 | ||
|
vers:unknown/sap_bw 750
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/sap_bw 750 | ||
|
vers:unknown/pi_basis 2006_1_700
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/pi_basis 2006_1_700 | ||
|
vers:unknown/915
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/915 | ||
|
vers:unknown/914
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/914 | ||
|
vers:unknown/758
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/758 | ||
|
vers:unknown/757
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/757 | ||
|
vers:unknown/756
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/756 | ||
|
vers:unknown/755
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/755 | ||
|
vers:unknown/754
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/754 | ||
|
vers:unknown/753
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/753 | ||
|
vers:unknown/752
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/752 | ||
|
vers:unknown/751
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/751 | ||
|
vers:unknown/740
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/740 | ||
|
vers:unknown/731
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/731 | ||
|
vers:unknown/702
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/702 | ||
|
vers:unknown/701
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/701 | ||
|
vers:unknown/2027
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2027 | ||
|
vers:unknown/2025
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2025 | ||
|
vers:unknown/enterprise 430
SAP / BusinessObjects Business Intelligence
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/7.50
SAP / NetWeaver Visual Composer
|
vers:unknown/7.50 | ||
|
vers:unknown/710.750
SAP / MDM Server
|
vers:unknown/710.750 | ||
|
vers:unknown/758
SAP / SAP S/4HANA (Enterprise Event Enablement)
|
vers:unknown/758 | ||
|
vers:unknown/sap_basis758
SAP / SAP NetWeaver (ABAP Keyword Documentation)
|
vers:unknown/sap_basis758 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/108 | ||
|
vers:unknown/s4core106
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/s4core106 | ||
|
vers:unknown/b1_on_hana 10.0
SAP / Business One Integration Framework
|
vers:unknown/b1_on_hana 10.0 | ||
|
vers:unknown/sap-m-bo 10.0
SAP / Business One Integration Framework
|
vers:unknown/sap-m-bo 10.0 | ||
|
vers:unknown/105
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/105 | ||
|
vers:unknown/106
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/106 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/108 | ||
|
vers:unknown/s4core104
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/s4core104 | ||
|
vers:unknown/2025
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2025 | ||
|
vers:unknown/2027
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2027 | ||
|
vers:unknown/enterprise 430
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/754
SAP / SAPUI5 applications
|
vers:unknown/754 | ||
|
vers:unknown/755
SAP / SAPUI5 applications
|
vers:unknown/755 | ||
|
vers:unknown/756
SAP / SAPUI5 applications
|
vers:unknown/756 | ||
|
vers:unknown/757
SAP / SAPUI5 applications
|
vers:unknown/757 | ||
|
vers:unknown/758
SAP / SAPUI5 applications
|
vers:unknown/758 |
8.2 (High)
Affected products
Known affected
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/758
SAP / NetWeaver
|
vers:unknown/758 | ||
|
vers:unknown/7.89
SAP / NetWeaver Application Server for ABAP
|
cpe:2.3:a:sap:netweaver_application_server_abap_kernel:7.89:*:*:*:*:*:*:*
|
vers:unknown/7.89 | |
|
vers:unknown/7.93
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/7.93 | ||
|
vers:unknown/9.14
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.14 | ||
|
vers:unknown/9.15
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.15 | ||
|
vers:unknown/grcpinwv1100_700
SAP / SAP GRC (AC Plugin)
|
vers:unknown/grcpinwv1100_700 | ||
|
vers:unknown/v1100_731
SAP / SAP GRC (AC Plugin)
|
vers:unknown/v1100_731 | ||
|
vers:unknown/sap_bw 750
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/sap_bw 750 | ||
|
vers:unknown/pi_basis 2006_1_700
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/pi_basis 2006_1_700 | ||
|
vers:unknown/915
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/915 | ||
|
vers:unknown/914
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/914 | ||
|
vers:unknown/758
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/758 | ||
|
vers:unknown/757
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/757 | ||
|
vers:unknown/756
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/756 | ||
|
vers:unknown/755
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/755 | ||
|
vers:unknown/754
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/754 | ||
|
vers:unknown/753
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/753 | ||
|
vers:unknown/752
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/752 | ||
|
vers:unknown/751
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/751 | ||
|
vers:unknown/740
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/740 | ||
|
vers:unknown/731
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/731 | ||
|
vers:unknown/702
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/702 | ||
|
vers:unknown/701
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/701 | ||
|
vers:unknown/2027
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2027 | ||
|
vers:unknown/2025
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2025 | ||
|
vers:unknown/enterprise 430
SAP / BusinessObjects Business Intelligence
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/7.50
SAP / NetWeaver Visual Composer
|
vers:unknown/7.50 | ||
|
vers:unknown/710.750
SAP / MDM Server
|
vers:unknown/710.750 | ||
|
vers:unknown/758
SAP / SAP S/4HANA (Enterprise Event Enablement)
|
vers:unknown/758 | ||
|
vers:unknown/sap_basis758
SAP / SAP NetWeaver (ABAP Keyword Documentation)
|
vers:unknown/sap_basis758 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/108 | ||
|
vers:unknown/s4core106
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/s4core106 | ||
|
vers:unknown/b1_on_hana 10.0
SAP / Business One Integration Framework
|
vers:unknown/b1_on_hana 10.0 | ||
|
vers:unknown/sap-m-bo 10.0
SAP / Business One Integration Framework
|
vers:unknown/sap-m-bo 10.0 | ||
|
vers:unknown/105
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/105 | ||
|
vers:unknown/106
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/106 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/108 | ||
|
vers:unknown/s4core104
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/s4core104 | ||
|
vers:unknown/2025
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2025 | ||
|
vers:unknown/2027
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2027 | ||
|
vers:unknown/enterprise 430
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/754
SAP / SAPUI5 applications
|
vers:unknown/754 | ||
|
vers:unknown/755
SAP / SAPUI5 applications
|
vers:unknown/755 | ||
|
vers:unknown/756
SAP / SAPUI5 applications
|
vers:unknown/756 | ||
|
vers:unknown/757
SAP / SAPUI5 applications
|
vers:unknown/757 | ||
|
vers:unknown/758
SAP / SAPUI5 applications
|
vers:unknown/758 |
7.6 (High)
Affected products
Known affected
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/758
SAP / NetWeaver
|
vers:unknown/758 | ||
|
vers:unknown/7.89
SAP / NetWeaver Application Server for ABAP
|
cpe:2.3:a:sap:netweaver_application_server_abap_kernel:7.89:*:*:*:*:*:*:*
|
vers:unknown/7.89 | |
|
vers:unknown/7.93
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/7.93 | ||
|
vers:unknown/9.14
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.14 | ||
|
vers:unknown/9.15
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.15 | ||
|
vers:unknown/grcpinwv1100_700
SAP / SAP GRC (AC Plugin)
|
vers:unknown/grcpinwv1100_700 | ||
|
vers:unknown/v1100_731
SAP / SAP GRC (AC Plugin)
|
vers:unknown/v1100_731 | ||
|
vers:unknown/sap_bw 750
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/sap_bw 750 | ||
|
vers:unknown/pi_basis 2006_1_700
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/pi_basis 2006_1_700 | ||
|
vers:unknown/915
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/915 | ||
|
vers:unknown/914
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/914 | ||
|
vers:unknown/758
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/758 | ||
|
vers:unknown/757
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/757 | ||
|
vers:unknown/756
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/756 | ||
|
vers:unknown/755
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/755 | ||
|
vers:unknown/754
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/754 | ||
|
vers:unknown/753
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/753 | ||
|
vers:unknown/752
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/752 | ||
|
vers:unknown/751
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/751 | ||
|
vers:unknown/740
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/740 | ||
|
vers:unknown/731
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/731 | ||
|
vers:unknown/702
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/702 | ||
|
vers:unknown/701
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/701 | ||
|
vers:unknown/2027
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2027 | ||
|
vers:unknown/2025
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2025 | ||
|
vers:unknown/enterprise 430
SAP / BusinessObjects Business Intelligence
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/7.50
SAP / NetWeaver Visual Composer
|
vers:unknown/7.50 | ||
|
vers:unknown/710.750
SAP / MDM Server
|
vers:unknown/710.750 | ||
|
vers:unknown/758
SAP / SAP S/4HANA (Enterprise Event Enablement)
|
vers:unknown/758 | ||
|
vers:unknown/sap_basis758
SAP / SAP NetWeaver (ABAP Keyword Documentation)
|
vers:unknown/sap_basis758 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/108 | ||
|
vers:unknown/s4core106
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/s4core106 | ||
|
vers:unknown/b1_on_hana 10.0
SAP / Business One Integration Framework
|
vers:unknown/b1_on_hana 10.0 | ||
|
vers:unknown/sap-m-bo 10.0
SAP / Business One Integration Framework
|
vers:unknown/sap-m-bo 10.0 | ||
|
vers:unknown/105
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/105 | ||
|
vers:unknown/106
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/106 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/108 | ||
|
vers:unknown/s4core104
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/s4core104 | ||
|
vers:unknown/2025
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2025 | ||
|
vers:unknown/2027
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2027 | ||
|
vers:unknown/enterprise 430
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/754
SAP / SAPUI5 applications
|
vers:unknown/754 | ||
|
vers:unknown/755
SAP / SAPUI5 applications
|
vers:unknown/755 | ||
|
vers:unknown/756
SAP / SAPUI5 applications
|
vers:unknown/756 | ||
|
vers:unknown/757
SAP / SAPUI5 applications
|
vers:unknown/757 | ||
|
vers:unknown/758
SAP / SAPUI5 applications
|
vers:unknown/758 |
7.5 (High)
Affected products
Known affected
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/758
SAP / NetWeaver
|
vers:unknown/758 | ||
|
vers:unknown/7.89
SAP / NetWeaver Application Server for ABAP
|
cpe:2.3:a:sap:netweaver_application_server_abap_kernel:7.89:*:*:*:*:*:*:*
|
vers:unknown/7.89 | |
|
vers:unknown/7.93
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/7.93 | ||
|
vers:unknown/9.14
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.14 | ||
|
vers:unknown/9.15
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.15 | ||
|
vers:unknown/grcpinwv1100_700
SAP / SAP GRC (AC Plugin)
|
vers:unknown/grcpinwv1100_700 | ||
|
vers:unknown/v1100_731
SAP / SAP GRC (AC Plugin)
|
vers:unknown/v1100_731 | ||
|
vers:unknown/sap_bw 750
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/sap_bw 750 | ||
|
vers:unknown/pi_basis 2006_1_700
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/pi_basis 2006_1_700 | ||
|
vers:unknown/915
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/915 | ||
|
vers:unknown/914
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/914 | ||
|
vers:unknown/758
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/758 | ||
|
vers:unknown/757
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/757 | ||
|
vers:unknown/756
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/756 | ||
|
vers:unknown/755
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/755 | ||
|
vers:unknown/754
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/754 | ||
|
vers:unknown/753
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/753 | ||
|
vers:unknown/752
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/752 | ||
|
vers:unknown/751
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/751 | ||
|
vers:unknown/740
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/740 | ||
|
vers:unknown/731
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/731 | ||
|
vers:unknown/702
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/702 | ||
|
vers:unknown/701
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/701 | ||
|
vers:unknown/2027
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2027 | ||
|
vers:unknown/2025
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2025 | ||
|
vers:unknown/enterprise 430
SAP / BusinessObjects Business Intelligence
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/7.50
SAP / NetWeaver Visual Composer
|
vers:unknown/7.50 | ||
|
vers:unknown/710.750
SAP / MDM Server
|
vers:unknown/710.750 | ||
|
vers:unknown/758
SAP / SAP S/4HANA (Enterprise Event Enablement)
|
vers:unknown/758 | ||
|
vers:unknown/sap_basis758
SAP / SAP NetWeaver (ABAP Keyword Documentation)
|
vers:unknown/sap_basis758 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/108 | ||
|
vers:unknown/s4core106
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/s4core106 | ||
|
vers:unknown/b1_on_hana 10.0
SAP / Business One Integration Framework
|
vers:unknown/b1_on_hana 10.0 | ||
|
vers:unknown/sap-m-bo 10.0
SAP / Business One Integration Framework
|
vers:unknown/sap-m-bo 10.0 | ||
|
vers:unknown/105
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/105 | ||
|
vers:unknown/106
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/106 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/108 | ||
|
vers:unknown/s4core104
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/s4core104 | ||
|
vers:unknown/2025
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2025 | ||
|
vers:unknown/2027
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2027 | ||
|
vers:unknown/enterprise 430
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/754
SAP / SAPUI5 applications
|
vers:unknown/754 | ||
|
vers:unknown/755
SAP / SAPUI5 applications
|
vers:unknown/755 | ||
|
vers:unknown/756
SAP / SAPUI5 applications
|
vers:unknown/756 | ||
|
vers:unknown/757
SAP / SAPUI5 applications
|
vers:unknown/757 | ||
|
vers:unknown/758
SAP / SAPUI5 applications
|
vers:unknown/758 |
6.7 (Medium)
Affected products
Known affected
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/758
SAP / NetWeaver
|
vers:unknown/758 | ||
|
vers:unknown/7.89
SAP / NetWeaver Application Server for ABAP
|
cpe:2.3:a:sap:netweaver_application_server_abap_kernel:7.89:*:*:*:*:*:*:*
|
vers:unknown/7.89 | |
|
vers:unknown/7.93
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/7.93 | ||
|
vers:unknown/9.14
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.14 | ||
|
vers:unknown/9.15
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.15 | ||
|
vers:unknown/grcpinwv1100_700
SAP / SAP GRC (AC Plugin)
|
vers:unknown/grcpinwv1100_700 | ||
|
vers:unknown/v1100_731
SAP / SAP GRC (AC Plugin)
|
vers:unknown/v1100_731 | ||
|
vers:unknown/sap_bw 750
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/sap_bw 750 | ||
|
vers:unknown/pi_basis 2006_1_700
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/pi_basis 2006_1_700 | ||
|
vers:unknown/915
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/915 | ||
|
vers:unknown/914
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/914 | ||
|
vers:unknown/758
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/758 | ||
|
vers:unknown/757
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/757 | ||
|
vers:unknown/756
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/756 | ||
|
vers:unknown/755
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/755 | ||
|
vers:unknown/754
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/754 | ||
|
vers:unknown/753
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/753 | ||
|
vers:unknown/752
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/752 | ||
|
vers:unknown/751
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/751 | ||
|
vers:unknown/740
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/740 | ||
|
vers:unknown/731
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/731 | ||
|
vers:unknown/702
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/702 | ||
|
vers:unknown/701
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/701 | ||
|
vers:unknown/2027
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2027 | ||
|
vers:unknown/2025
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2025 | ||
|
vers:unknown/enterprise 430
SAP / BusinessObjects Business Intelligence
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/7.50
SAP / NetWeaver Visual Composer
|
vers:unknown/7.50 | ||
|
vers:unknown/710.750
SAP / MDM Server
|
vers:unknown/710.750 | ||
|
vers:unknown/758
SAP / SAP S/4HANA (Enterprise Event Enablement)
|
vers:unknown/758 | ||
|
vers:unknown/sap_basis758
SAP / SAP NetWeaver (ABAP Keyword Documentation)
|
vers:unknown/sap_basis758 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/108 | ||
|
vers:unknown/s4core106
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/s4core106 | ||
|
vers:unknown/b1_on_hana 10.0
SAP / Business One Integration Framework
|
vers:unknown/b1_on_hana 10.0 | ||
|
vers:unknown/sap-m-bo 10.0
SAP / Business One Integration Framework
|
vers:unknown/sap-m-bo 10.0 | ||
|
vers:unknown/105
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/105 | ||
|
vers:unknown/106
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/106 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/108 | ||
|
vers:unknown/s4core104
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/s4core104 | ||
|
vers:unknown/2025
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2025 | ||
|
vers:unknown/2027
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2027 | ||
|
vers:unknown/enterprise 430
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/754
SAP / SAPUI5 applications
|
vers:unknown/754 | ||
|
vers:unknown/755
SAP / SAPUI5 applications
|
vers:unknown/755 | ||
|
vers:unknown/756
SAP / SAPUI5 applications
|
vers:unknown/756 | ||
|
vers:unknown/757
SAP / SAPUI5 applications
|
vers:unknown/757 | ||
|
vers:unknown/758
SAP / SAPUI5 applications
|
vers:unknown/758 |
5.8 (Medium)
Affected products
Known affected
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/758
SAP / NetWeaver
|
vers:unknown/758 | ||
|
vers:unknown/7.89
SAP / NetWeaver Application Server for ABAP
|
cpe:2.3:a:sap:netweaver_application_server_abap_kernel:7.89:*:*:*:*:*:*:*
|
vers:unknown/7.89 | |
|
vers:unknown/7.93
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/7.93 | ||
|
vers:unknown/9.14
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.14 | ||
|
vers:unknown/9.15
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.15 | ||
|
vers:unknown/grcpinwv1100_700
SAP / SAP GRC (AC Plugin)
|
vers:unknown/grcpinwv1100_700 | ||
|
vers:unknown/v1100_731
SAP / SAP GRC (AC Plugin)
|
vers:unknown/v1100_731 | ||
|
vers:unknown/sap_bw 750
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/sap_bw 750 | ||
|
vers:unknown/pi_basis 2006_1_700
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/pi_basis 2006_1_700 | ||
|
vers:unknown/915
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/915 | ||
|
vers:unknown/914
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/914 | ||
|
vers:unknown/758
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/758 | ||
|
vers:unknown/757
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/757 | ||
|
vers:unknown/756
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/756 | ||
|
vers:unknown/755
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/755 | ||
|
vers:unknown/754
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/754 | ||
|
vers:unknown/753
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/753 | ||
|
vers:unknown/752
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/752 | ||
|
vers:unknown/751
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/751 | ||
|
vers:unknown/740
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/740 | ||
|
vers:unknown/731
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/731 | ||
|
vers:unknown/702
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/702 | ||
|
vers:unknown/701
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/701 | ||
|
vers:unknown/2027
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2027 | ||
|
vers:unknown/2025
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2025 | ||
|
vers:unknown/enterprise 430
SAP / BusinessObjects Business Intelligence
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/7.50
SAP / NetWeaver Visual Composer
|
vers:unknown/7.50 | ||
|
vers:unknown/710.750
SAP / MDM Server
|
vers:unknown/710.750 | ||
|
vers:unknown/758
SAP / SAP S/4HANA (Enterprise Event Enablement)
|
vers:unknown/758 | ||
|
vers:unknown/sap_basis758
SAP / SAP NetWeaver (ABAP Keyword Documentation)
|
vers:unknown/sap_basis758 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/108 | ||
|
vers:unknown/s4core106
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/s4core106 | ||
|
vers:unknown/b1_on_hana 10.0
SAP / Business One Integration Framework
|
vers:unknown/b1_on_hana 10.0 | ||
|
vers:unknown/sap-m-bo 10.0
SAP / Business One Integration Framework
|
vers:unknown/sap-m-bo 10.0 | ||
|
vers:unknown/105
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/105 | ||
|
vers:unknown/106
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/106 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/108 | ||
|
vers:unknown/s4core104
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/s4core104 | ||
|
vers:unknown/2025
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2025 | ||
|
vers:unknown/2027
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2027 | ||
|
vers:unknown/enterprise 430
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/754
SAP / SAPUI5 applications
|
vers:unknown/754 | ||
|
vers:unknown/755
SAP / SAPUI5 applications
|
vers:unknown/755 | ||
|
vers:unknown/756
SAP / SAPUI5 applications
|
vers:unknown/756 | ||
|
vers:unknown/757
SAP / SAPUI5 applications
|
vers:unknown/757 | ||
|
vers:unknown/758
SAP / SAPUI5 applications
|
vers:unknown/758 |
4.3 (Medium)
Affected products
Known affected
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/758
SAP / NetWeaver
|
vers:unknown/758 | ||
|
vers:unknown/7.89
SAP / NetWeaver Application Server for ABAP
|
cpe:2.3:a:sap:netweaver_application_server_abap_kernel:7.89:*:*:*:*:*:*:*
|
vers:unknown/7.89 | |
|
vers:unknown/7.93
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/7.93 | ||
|
vers:unknown/9.14
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.14 | ||
|
vers:unknown/9.15
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.15 | ||
|
vers:unknown/grcpinwv1100_700
SAP / SAP GRC (AC Plugin)
|
vers:unknown/grcpinwv1100_700 | ||
|
vers:unknown/v1100_731
SAP / SAP GRC (AC Plugin)
|
vers:unknown/v1100_731 | ||
|
vers:unknown/sap_bw 750
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/sap_bw 750 | ||
|
vers:unknown/pi_basis 2006_1_700
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/pi_basis 2006_1_700 | ||
|
vers:unknown/915
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/915 | ||
|
vers:unknown/914
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/914 | ||
|
vers:unknown/758
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/758 | ||
|
vers:unknown/757
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/757 | ||
|
vers:unknown/756
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/756 | ||
|
vers:unknown/755
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/755 | ||
|
vers:unknown/754
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/754 | ||
|
vers:unknown/753
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/753 | ||
|
vers:unknown/752
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/752 | ||
|
vers:unknown/751
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/751 | ||
|
vers:unknown/740
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/740 | ||
|
vers:unknown/731
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/731 | ||
|
vers:unknown/702
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/702 | ||
|
vers:unknown/701
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/701 | ||
|
vers:unknown/2027
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2027 | ||
|
vers:unknown/2025
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2025 | ||
|
vers:unknown/enterprise 430
SAP / BusinessObjects Business Intelligence
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/7.50
SAP / NetWeaver Visual Composer
|
vers:unknown/7.50 | ||
|
vers:unknown/710.750
SAP / MDM Server
|
vers:unknown/710.750 | ||
|
vers:unknown/758
SAP / SAP S/4HANA (Enterprise Event Enablement)
|
vers:unknown/758 | ||
|
vers:unknown/sap_basis758
SAP / SAP NetWeaver (ABAP Keyword Documentation)
|
vers:unknown/sap_basis758 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/108 | ||
|
vers:unknown/s4core106
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/s4core106 | ||
|
vers:unknown/b1_on_hana 10.0
SAP / Business One Integration Framework
|
vers:unknown/b1_on_hana 10.0 | ||
|
vers:unknown/sap-m-bo 10.0
SAP / Business One Integration Framework
|
vers:unknown/sap-m-bo 10.0 | ||
|
vers:unknown/105
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/105 | ||
|
vers:unknown/106
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/106 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/108 | ||
|
vers:unknown/s4core104
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/s4core104 | ||
|
vers:unknown/2025
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2025 | ||
|
vers:unknown/2027
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2027 | ||
|
vers:unknown/enterprise 430
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/754
SAP / SAPUI5 applications
|
vers:unknown/754 | ||
|
vers:unknown/755
SAP / SAPUI5 applications
|
vers:unknown/755 | ||
|
vers:unknown/756
SAP / SAPUI5 applications
|
vers:unknown/756 | ||
|
vers:unknown/757
SAP / SAPUI5 applications
|
vers:unknown/757 | ||
|
vers:unknown/758
SAP / SAPUI5 applications
|
vers:unknown/758 |
CWE-918
- Server-Side Request Forgery (SSRF)
Affected products
Known affected
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/758
SAP / NetWeaver
|
vers:unknown/758 | ||
|
vers:unknown/7.89
SAP / NetWeaver Application Server for ABAP
|
cpe:2.3:a:sap:netweaver_application_server_abap_kernel:7.89:*:*:*:*:*:*:*
|
vers:unknown/7.89 | |
|
vers:unknown/7.93
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/7.93 | ||
|
vers:unknown/9.14
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.14 | ||
|
vers:unknown/9.15
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.15 | ||
|
vers:unknown/grcpinwv1100_700
SAP / SAP GRC (AC Plugin)
|
vers:unknown/grcpinwv1100_700 | ||
|
vers:unknown/v1100_731
SAP / SAP GRC (AC Plugin)
|
vers:unknown/v1100_731 | ||
|
vers:unknown/sap_bw 750
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/sap_bw 750 | ||
|
vers:unknown/pi_basis 2006_1_700
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/pi_basis 2006_1_700 | ||
|
vers:unknown/915
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/915 | ||
|
vers:unknown/914
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/914 | ||
|
vers:unknown/758
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/758 | ||
|
vers:unknown/757
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/757 | ||
|
vers:unknown/756
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/756 | ||
|
vers:unknown/755
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/755 | ||
|
vers:unknown/754
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/754 | ||
|
vers:unknown/753
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/753 | ||
|
vers:unknown/752
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/752 | ||
|
vers:unknown/751
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/751 | ||
|
vers:unknown/740
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/740 | ||
|
vers:unknown/731
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/731 | ||
|
vers:unknown/702
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/702 | ||
|
vers:unknown/701
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/701 | ||
|
vers:unknown/2027
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2027 | ||
|
vers:unknown/2025
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2025 | ||
|
vers:unknown/enterprise 430
SAP / BusinessObjects Business Intelligence
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/7.50
SAP / NetWeaver Visual Composer
|
vers:unknown/7.50 | ||
|
vers:unknown/710.750
SAP / MDM Server
|
vers:unknown/710.750 | ||
|
vers:unknown/758
SAP / SAP S/4HANA (Enterprise Event Enablement)
|
vers:unknown/758 | ||
|
vers:unknown/sap_basis758
SAP / SAP NetWeaver (ABAP Keyword Documentation)
|
vers:unknown/sap_basis758 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/108 | ||
|
vers:unknown/s4core106
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/s4core106 | ||
|
vers:unknown/b1_on_hana 10.0
SAP / Business One Integration Framework
|
vers:unknown/b1_on_hana 10.0 | ||
|
vers:unknown/sap-m-bo 10.0
SAP / Business One Integration Framework
|
vers:unknown/sap-m-bo 10.0 | ||
|
vers:unknown/105
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/105 | ||
|
vers:unknown/106
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/106 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/108 | ||
|
vers:unknown/s4core104
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/s4core104 | ||
|
vers:unknown/2025
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2025 | ||
|
vers:unknown/2027
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2027 | ||
|
vers:unknown/enterprise 430
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/754
SAP / SAPUI5 applications
|
vers:unknown/754 | ||
|
vers:unknown/755
SAP / SAPUI5 applications
|
vers:unknown/755 | ||
|
vers:unknown/756
SAP / SAPUI5 applications
|
vers:unknown/756 | ||
|
vers:unknown/757
SAP / SAPUI5 applications
|
vers:unknown/757 | ||
|
vers:unknown/758
SAP / SAPUI5 applications
|
vers:unknown/758 |
CWE-79
- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Affected products
Known affected
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/758
SAP / NetWeaver
|
vers:unknown/758 | ||
|
vers:unknown/7.89
SAP / NetWeaver Application Server for ABAP
|
cpe:2.3:a:sap:netweaver_application_server_abap_kernel:7.89:*:*:*:*:*:*:*
|
vers:unknown/7.89 | |
|
vers:unknown/7.93
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/7.93 | ||
|
vers:unknown/9.14
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.14 | ||
|
vers:unknown/9.15
SAP / NetWeaver Application Server for ABAP
|
vers:unknown/9.15 | ||
|
vers:unknown/grcpinwv1100_700
SAP / SAP GRC (AC Plugin)
|
vers:unknown/grcpinwv1100_700 | ||
|
vers:unknown/v1100_731
SAP / SAP GRC (AC Plugin)
|
vers:unknown/v1100_731 | ||
|
vers:unknown/sap_bw 750
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/sap_bw 750 | ||
|
vers:unknown/pi_basis 2006_1_700
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/pi_basis 2006_1_700 | ||
|
vers:unknown/915
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/915 | ||
|
vers:unknown/914
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/914 | ||
|
vers:unknown/758
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/758 | ||
|
vers:unknown/757
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/757 | ||
|
vers:unknown/756
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/756 | ||
|
vers:unknown/755
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/755 | ||
|
vers:unknown/754
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/754 | ||
|
vers:unknown/753
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/753 | ||
|
vers:unknown/752
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/752 | ||
|
vers:unknown/751
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/751 | ||
|
vers:unknown/740
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/740 | ||
|
vers:unknown/731
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/731 | ||
|
vers:unknown/702
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/702 | ||
|
vers:unknown/701
SAP / Business Warehouse and Plug-In Basis
|
vers:unknown/701 | ||
|
vers:unknown/2027
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2027 | ||
|
vers:unknown/2025
SAP / BusinessObjects Business Intelligence
|
vers:unknown/2025 | ||
|
vers:unknown/enterprise 430
SAP / BusinessObjects Business Intelligence
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/7.50
SAP / NetWeaver Visual Composer
|
vers:unknown/7.50 | ||
|
vers:unknown/710.750
SAP / MDM Server
|
vers:unknown/710.750 | ||
|
vers:unknown/758
SAP / SAP S/4HANA (Enterprise Event Enablement)
|
vers:unknown/758 | ||
|
vers:unknown/sap_basis758
SAP / SAP NetWeaver (ABAP Keyword Documentation)
|
vers:unknown/sap_basis758 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/108 | ||
|
vers:unknown/s4core106
SAP / SAP S/4HANA (Manage Central Purchase Contract application)
|
vers:unknown/s4core106 | ||
|
vers:unknown/b1_on_hana 10.0
SAP / Business One Integration Framework
|
vers:unknown/b1_on_hana 10.0 | ||
|
vers:unknown/sap-m-bo 10.0
SAP / Business One Integration Framework
|
vers:unknown/sap-m-bo 10.0 | ||
|
vers:unknown/105
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/105 | ||
|
vers:unknown/106
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/106 | ||
|
vers:unknown/107
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/107 | ||
|
vers:unknown/108
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/108 | ||
|
vers:unknown/s4core104
SAP / SAP S/4HANA (Manage Processing Rules - For Bank Statement)
|
vers:unknown/s4core104 | ||
|
vers:unknown/2025
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2025 | ||
|
vers:unknown/2027
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/2027 | ||
|
vers:unknown/enterprise 430
SAP / Business Objects Business Intelligence Platform
|
vers:unknown/enterprise 430 | ||
|
vers:unknown/754
SAP / SAPUI5 applications
|
vers:unknown/754 | ||
|
vers:unknown/755
SAP / SAPUI5 applications
|
vers:unknown/755 | ||
|
vers:unknown/756
SAP / SAPUI5 applications
|
vers:unknown/756 | ||
|
vers:unknown/757
SAP / SAPUI5 applications
|
vers:unknown/757 | ||
|
vers:unknown/758
SAP / SAPUI5 applications
|
vers:unknown/758 |
References
15 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "SAP heeft kwetsbaarheden verholpen in diverse SAP producten als HANA, Business Objects en Netweaver.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden omvatten een gebrek aan autorisatiecontroles, waardoor aanvallers functies zonder beperkingen kunnen uitvoeren. Dit kan leiden tot ongeautoriseerde acties binnen de applicatie, wat de integriteit en vertrouwelijkheid in gevaar kan brengen. Daarnaast zijn er kwetsbaarheden die het mogelijk maken voor geauthenticeerde gebruikers om hun privileges te escaleren, wat kan resulteren in een significante compromittering van de applicatie. De aanwezigheid van Cross-Site Scripting (XSS) kwetsbaarheden stelt aanvallers in staat om kwaadaardige scripts op te slaan, wat de vertrouwelijkheid van gevoelige sessie-informatie in gevaar kan brengen. De noodzaak voor verbeterde beveiligingsmaatregelen en strikte toegangcontroles is duidelijk.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "SAP heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Free of Memory not on the Heap",
"title": "CWE-590"
},
{
"category": "general",
"text": "Missing Authorization",
"title": "CWE-862"
},
{
"category": "general",
"text": "Origin Validation Error",
"title": "CWE-346"
},
{
"category": "general",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Source - sap",
"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/june-2025.html"
}
],
"title": "Kwetsbaarheden verholpen in SAP Producten",
"tracking": {
"current_release_date": "2025-06-10T10:15:56.898255Z",
"generator": {
"date": "2025-06-05T14:45:00Z",
"engine": {
"name": "V.A.",
"version": "1.1"
}
},
"id": "NCSC-2025-0186",
"initial_release_date": "2025-06-10T10:15:56.898255Z",
"revision_history": [
{
"date": "2025-06-10T10:15:56.898255Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/758",
"product": {
"name": "vers:unknown/758",
"product_id": "CSAFPID-2905222"
}
}
],
"category": "product_name",
"name": "NetWeaver"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/7.89",
"product": {
"name": "vers:unknown/7.89",
"product_id": "CSAFPID-874040",
"product_identification_helper": {
"cpe": "cpe:2.3:a:sap:netweaver_application_server_abap_kernel:7.89:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:unknown/7.93",
"product": {
"name": "vers:unknown/7.93",
"product_id": "CSAFPID-2905130"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/9.14",
"product": {
"name": "vers:unknown/9.14",
"product_id": "CSAFPID-2905131"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/9.15",
"product": {
"name": "vers:unknown/9.15",
"product_id": "CSAFPID-2905132"
}
}
],
"category": "product_name",
"name": "NetWeaver Application Server for ABAP"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/grcpinwv1100_700",
"product": {
"name": "vers:unknown/grcpinwv1100_700",
"product_id": "CSAFPID-2904199"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/v1100_731",
"product": {
"name": "vers:unknown/v1100_731",
"product_id": "CSAFPID-2904200"
}
}
],
"category": "product_name",
"name": "SAP GRC (AC Plugin)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/sap_bw 750",
"product": {
"name": "vers:unknown/sap_bw 750",
"product_id": "CSAFPID-2905154"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/pi_basis 2006_1_700",
"product": {
"name": "vers:unknown/pi_basis 2006_1_700",
"product_id": "CSAFPID-2905153"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/915",
"product": {
"name": "vers:unknown/915",
"product_id": "CSAFPID-2905152"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/914",
"product": {
"name": "vers:unknown/914",
"product_id": "CSAFPID-2905151"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/758",
"product": {
"name": "vers:unknown/758",
"product_id": "CSAFPID-2905150"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/757",
"product": {
"name": "vers:unknown/757",
"product_id": "CSAFPID-2905149"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/756",
"product": {
"name": "vers:unknown/756",
"product_id": "CSAFPID-2905148"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/755",
"product": {
"name": "vers:unknown/755",
"product_id": "CSAFPID-2905147"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/754",
"product": {
"name": "vers:unknown/754",
"product_id": "CSAFPID-2905146"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/753",
"product": {
"name": "vers:unknown/753",
"product_id": "CSAFPID-2905145"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/752",
"product": {
"name": "vers:unknown/752",
"product_id": "CSAFPID-2905144"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/751",
"product": {
"name": "vers:unknown/751",
"product_id": "CSAFPID-2905143"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/740",
"product": {
"name": "vers:unknown/740",
"product_id": "CSAFPID-2905142"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/731",
"product": {
"name": "vers:unknown/731",
"product_id": "CSAFPID-2905141"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/702",
"product": {
"name": "vers:unknown/702",
"product_id": "CSAFPID-2905140"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/701",
"product": {
"name": "vers:unknown/701",
"product_id": "CSAFPID-2905139"
}
}
],
"category": "product_name",
"name": "Business Warehouse and Plug-In Basis"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/2027",
"product": {
"name": "vers:unknown/2027",
"product_id": "CSAFPID-2905156"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/2025",
"product": {
"name": "vers:unknown/2025",
"product_id": "CSAFPID-2905155"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/enterprise 430",
"product": {
"name": "vers:unknown/enterprise 430",
"product_id": "CSAFPID-2905157"
}
}
],
"category": "product_name",
"name": "BusinessObjects Business Intelligence"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/7.50",
"product": {
"name": "vers:unknown/7.50",
"product_id": "CSAFPID-2905221"
}
}
],
"category": "product_name",
"name": "NetWeaver Visual Composer"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/710.750",
"product": {
"name": "vers:unknown/710.750",
"product_id": "CSAFPID-2905135"
}
}
],
"category": "product_name",
"name": "MDM Server"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/758",
"product": {
"name": "vers:unknown/758",
"product_id": "CSAFPID-2904238"
}
}
],
"category": "product_name",
"name": "SAP S/4HANA (Enterprise Event Enablement)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/sap_basis758",
"product": {
"name": "vers:unknown/sap_basis758",
"product_id": "CSAFPID-2904192"
}
}
],
"category": "product_name",
"name": "SAP NetWeaver (ABAP Keyword Documentation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/107",
"product": {
"name": "vers:unknown/107",
"product_id": "CSAFPID-2904218"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/108",
"product": {
"name": "vers:unknown/108",
"product_id": "CSAFPID-2904219"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/s4core106",
"product": {
"name": "vers:unknown/s4core106",
"product_id": "CSAFPID-2904217"
}
}
],
"category": "product_name",
"name": "SAP S/4HANA (Manage Central Purchase Contract application)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/b1_on_hana 10.0",
"product": {
"name": "vers:unknown/b1_on_hana 10.0",
"product_id": "CSAFPID-2905133"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/sap-m-bo 10.0",
"product": {
"name": "vers:unknown/sap-m-bo 10.0",
"product_id": "CSAFPID-2905134"
}
}
],
"category": "product_name",
"name": "Business One Integration Framework"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/105",
"product": {
"name": "vers:unknown/105",
"product_id": "CSAFPID-2904221"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/106",
"product": {
"name": "vers:unknown/106",
"product_id": "CSAFPID-2904222"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/107",
"product": {
"name": "vers:unknown/107",
"product_id": "CSAFPID-2904223"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/108",
"product": {
"name": "vers:unknown/108",
"product_id": "CSAFPID-2904224"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/s4core104",
"product": {
"name": "vers:unknown/s4core104",
"product_id": "CSAFPID-2904220"
}
}
],
"category": "product_name",
"name": "SAP S/4HANA (Manage Processing Rules - For Bank Statement)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/2025",
"product": {
"name": "vers:unknown/2025",
"product_id": "CSAFPID-2905206"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/2027",
"product": {
"name": "vers:unknown/2027",
"product_id": "CSAFPID-2905207"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/enterprise 430",
"product": {
"name": "vers:unknown/enterprise 430",
"product_id": "CSAFPID-2905208"
}
}
],
"category": "product_name",
"name": "Business Objects Business Intelligence Platform"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/754",
"product": {
"name": "vers:unknown/754",
"product_id": "CSAFPID-2904230"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/755",
"product": {
"name": "vers:unknown/755",
"product_id": "CSAFPID-2904231"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/756",
"product": {
"name": "vers:unknown/756",
"product_id": "CSAFPID-2904232"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/757",
"product": {
"name": "vers:unknown/757",
"product_id": "CSAFPID-2904233"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/758",
"product": {
"name": "vers:unknown/758",
"product_id": "CSAFPID-2904234"
}
}
],
"category": "product_name",
"name": "SAPUI5 applications"
}
],
"category": "vendor",
"name": "SAP"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-42984",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-42984 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-42984.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
}
],
"title": "CVE-2025-42984"
},
{
"cve": "CVE-2025-42998",
"cwe": {
"id": "CWE-346",
"name": "Origin Validation Error"
},
"notes": [
{
"category": "other",
"text": "Origin Validation Error",
"title": "CWE-346"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-42998 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-42998.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
}
],
"title": "CVE-2025-42998"
},
{
"cve": "CVE-2025-42987",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-42987 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-42987.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
}
],
"title": "CVE-2025-42987"
},
{
"cve": "CVE-2025-42989",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-42989 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-42989.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
}
],
"title": "CVE-2025-42989"
},
{
"cve": "CVE-2025-42982",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-42982 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-42982.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
}
],
"title": "CVE-2025-42982"
},
{
"cve": "CVE-2025-42983",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-42983 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-42983.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
}
],
"title": "CVE-2025-42983"
},
{
"cve": "CVE-2025-23192",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-23192 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-23192.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
}
],
"title": "CVE-2025-23192"
},
{
"cve": "CVE-2025-42977",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-42977 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-42977.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
}
],
"title": "CVE-2025-42977"
},
{
"cve": "CVE-2025-42994",
"cwe": {
"id": "CWE-590",
"name": "Free of Memory not on the Heap"
},
"notes": [
{
"category": "other",
"text": "Free of Memory not on the Heap",
"title": "CWE-590"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-42994 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-42994.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
}
],
"title": "CVE-2025-42994"
},
{
"cve": "CVE-2025-42993",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-42993 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-42993.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
}
],
"title": "CVE-2025-42993"
},
{
"cve": "CVE-2025-31325",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-31325 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-31325.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
}
],
"title": "CVE-2025-31325"
},
{
"cve": "CVE-2025-42991",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-42991 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-42991.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
}
],
"title": "CVE-2025-42991"
},
{
"cve": "CVE-2025-42988",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "other",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-42988 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-42988.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
}
],
"title": "CVE-2025-42988"
},
{
"cve": "CVE-2025-42990",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-42990 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-42990.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.0,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2905222",
"CSAFPID-874040",
"CSAFPID-2905130",
"CSAFPID-2905131",
"CSAFPID-2905132",
"CSAFPID-2904199",
"CSAFPID-2904200",
"CSAFPID-2905154",
"CSAFPID-2905153",
"CSAFPID-2905152",
"CSAFPID-2905151",
"CSAFPID-2905150",
"CSAFPID-2905149",
"CSAFPID-2905148",
"CSAFPID-2905147",
"CSAFPID-2905146",
"CSAFPID-2905145",
"CSAFPID-2905144",
"CSAFPID-2905143",
"CSAFPID-2905142",
"CSAFPID-2905141",
"CSAFPID-2905140",
"CSAFPID-2905139",
"CSAFPID-2905156",
"CSAFPID-2905155",
"CSAFPID-2905157",
"CSAFPID-2905221",
"CSAFPID-2905135",
"CSAFPID-2904238",
"CSAFPID-2904192",
"CSAFPID-2904218",
"CSAFPID-2904219",
"CSAFPID-2904217",
"CSAFPID-2905133",
"CSAFPID-2905134",
"CSAFPID-2904221",
"CSAFPID-2904222",
"CSAFPID-2904223",
"CSAFPID-2904224",
"CSAFPID-2904220",
"CSAFPID-2905206",
"CSAFPID-2905207",
"CSAFPID-2905208",
"CSAFPID-2904230",
"CSAFPID-2904231",
"CSAFPID-2904232",
"CSAFPID-2904233",
"CSAFPID-2904234"
]
}
],
"title": "CVE-2025-42990"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…