CVSS: 9.8EPSS: 0%CPEs: 20EXPL: 0CVE-2021-44231
https://notcve.org/view.php?id=CVE-2021-44231
14 Dec 2021 — Internally used text extraction reports allow an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application. Los informes de extracción de texto usados internamente permiten a un atacante inyectar código que puede ser ejecutado por la aplicación. Un atacante podría así controlar el comportamiento de la aplicación • https://launchpad.support.sap.com/#/notes/3119365 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.1EPSS: 10%CPEs: 13EXPL: 3CVE-2020-6318 – SAP Application Server ABAP / ABAP Platform Code Injection / SQL Injection / Missing Authorization
https://notcve.org/view.php?id=CVE-2020-6318
09 Sep 2020 — A Remote Code Execution vulnerability exists in the SAP NetWeaver (ABAP Server, up to release 7.40) and ABAP Platform (> release 7.40).Because of this, an attacker can exploit these products via Code Injection, and potentially enabling to take complete control of the products, including viewing, changing, or deleting data by injecting code into the working memory which is subsequently executed by the application. It can also be used to cause a general fault in the product, causing the products to terminate.... • https://packetstorm.news/files/id/167229 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 4.3EPSS: 0%CPEs: 22EXPL: 0CVE-2020-6310
https://notcve.org/view.php?id=CVE-2020-6310
12 Aug 2020 — Improper access control in SOA Configuration Trace component in SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 702, 730, 731, 740, 750, allows any authenticated user to enumerate all SAP users, leading to Information Disclosure. Un control de acceso inapropiado en el componente SOA Configuration Trace en SAP NetWeaver (ABAP Server) y la plataforma ABAP, versiones - 702, 730, 731, 740, 750, permite a cualquier usuario autenticado enumerar todos los usuarios de SAP, conllevando a una Divulgación de... • https://launchpad.support.sap.com/#/notes/2944988 •
CVSS: 8.8EPSS: 0%CPEs: 22EXPL: 0CVE-2020-6296
https://notcve.org/view.php?id=CVE-2020-6296
12 Aug 2020 — SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 753, 755, allows an attacker to inject code that can be executed by the application, leading to Code Injection. An attacker could thereby control the behavior of the application. SAP NetWeaver (ABAP Server) y plataforma ABAP, versiones: 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 753, 755, permiten a un atacante inyectar código que puede ser ejecutado por la aplicación conllevando a una Inyecció... • https://launchpad.support.sap.com/#/notes/2941667 •