Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Netweaver_as_abap_krnl64uc
(Sap)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-06-14 | CVE-2022-27668 | Depending on the configuration of the route permission table in file 'saprouttab', it is possible for an unauthenticated attacker to execute SAProuter administration commands in SAP NetWeaver and ABAP Platform - versions KERNEL 7.49, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, KRNL64NUC 7.49, KRNL64UC 7.49, SAP_ROUTER 7.53, 7.22, from a remote client, for example stopping the SAProuter, that could highly impact systems availability. | Netweaver_as_abap, Netweaver_as_abap_krnl64nuc, Netweaver_as_abap_krnl64uc, Router | 9.8 | ||
| 2022-05-11 | CVE-2022-27656 | The Web administration UI of SAP Web Dispatcher and the Internet Communication Manager (ICM) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. | Netweaver_as_abap_kernel, Netweaver_as_abap_krnl64uc, Webdispatcher | 6.1 | ||
| 2022-05-11 | CVE-2022-29616 | SAP Host Agent, SAP NetWeaver and ABAP Platform allow an attacker to leverage logical errors in memory management to cause a memory corruption. | Netweaver_as_abap_kernel, Netweaver_as_abap_krnl64nuc, Netweaver_as_abap_krnl64uc | 7.5 |