CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-49580 – Information disclosure in SAP GUI for Windows and SAP GUI for Java
https://notcve.org/view.php?id=CVE-2023-49580
12 Dec 2023 — SAP GUI for Windows and SAP GUI for Java - versions SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758, allow an unauthenticated attacker to access information which would otherwise be restricted and confidential. In addition, this vulnerability allows the unauthenticated attacker to create Layout configurations of the ABAP List Viewer and with this causing a mild impact on integrity and availability, e.g. also increasing the response times of the AS ABAP. SAP GUI para Windows y SAP GUI para Java: v... • https://me.sap.com/notes/3385711 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-21448
https://notcve.org/view.php?id=CVE-2021-21448
12 Jan 2021 — SAP GUI for Windows, version - 7.60, allows an attacker to spoof logon credentials for Application Server ABAP backend systems in the client PCs memory. Under certain conditions the attacker can access information which would otherwise be restricted. The exploit can only be executed locally on the client PC and not via Network and the attacker needs at least user authorization of the Operating System user of the victim. SAP GUI para Windows, versión - 7.60, permite a un atacante falsificar las credenciales ... • https://launchpad.support.sap.com/#/notes/2992269 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2011-5154
https://notcve.org/view.php?id=CVE-2011-5154
06 Sep 2012 — Multiple untrusted search path vulnerabilities in (1) SAPGui.exe and (2) BExAnalyzer.exe in SAP GUI 6.4 through 7.2 allow local users to gain privileges via a Trojan horse MFC80LOC.DLL file in the current working directory, as demonstrated by a directory that contains a .sap file. NOTE: some of these details are obtained from third party information. Múltiples vulnerabilidades de ruta de búsqueda no confiable en (1) SAPGui.exe y (2) BExAnalyzer.exe en SAP GUI v6.4 hasta v7.2, permite a usuarios locales gana... • http://dsecrg.com/pages/vul/show.php?id=314 •