CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-42978 – Insufficiently Secure Hostname Verification for Outbound TLS Connections in SAP NetWeaver Application Server Java
https://notcve.org/view.php?id=CVE-2025-42978
08 Jul 2025 — The widely used component that establishes outbound TLS connections in SAP NetWeaver Application Server Java does not reliably match the hostname that is used for the connection against the wildcard hostname defined in the received certificate of remote TLS server. This might lead to the outbound connection being established to a possibly malicious remote TLS server and hence disclose information. Integrity and Availability are not impacted. • https://me.sap.com/notes/3557179 • CWE-940: Improper Verification of Source of a Communication Channel •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-42963 – Insecure Deserialization in SAP NetWeaver Application Server for Java (Log Viewer )
https://notcve.org/view.php?id=CVE-2025-42963
08 Jul 2025 — A critical vulnerability in SAP NetWeaver Application server for Java Log Viewer enables authenticated administrator users to exploit unsafe Java object deserialization. Successful exploitation can lead to full operating system compromise, granting attackers complete control over the affected system. This results in a severe impact on the confidentiality, integrity, and availability of the application and host environment. • https://me.sap.com/notes/3621771 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2025-42977 – Directory Traversal vulnerability in SAP NetWeaver Visual Composer
https://notcve.org/view.php?id=CVE-2025-42977
10 Jun 2025 — SAP NetWeaver Visual Composer contains a Directory Traversal vulnerability caused by insufficient validation of input paths provided by a high-privileged user. This allows an attacker to read or modify arbitrary files, resulting in a high impact on confidentiality and a low impact on integrity. • https://me.sap.com/notes/3610591 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.1EPSS: 18%CPEs: 1EXPL: 0CVE-2025-42999 – SAP NetWeaver Deserialization Vulnerability
https://notcve.org/view.php?id=CVE-2025-42999
13 May 2025 — SAP NetWeaver Visual Composer Metadata Uploader is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a compromise of confidentiality, integrity, and availability of the host system. SAP NetWeaver Visual Composer Metadata Uploader contains a deserialization vulnerability that allows a privileged attacker to compromise the confidentiality, integrity, and availability of the host system by deserializing untrusted or malicious content... • https://me.sap.com/notes/3604119 • CWE-502: Deserialization of Untrusted Data •
CVSS: 10.0EPSS: 66%CPEs: 1EXPL: 19CVE-2025-31324 – SAP NetWeaver Unrestricted File Upload Vulnerability
https://notcve.org/view.php?id=CVE-2025-31324
24 Apr 2025 — SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system. SAP NetWeaver Visual Composer Metadata Uploader contains an unrestricted file upload vulnerability that allows an unauthenticated agent to upload potentially malicious executable binaries. • https://github.com/rxerium/CVE-2025-31324 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 4.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-0057 – Cross-Site Scripting vulnerability in SAP NetWeaver AS JAVA (User Admin Application)
https://notcve.org/view.php?id=CVE-2025-0057
14 Jan 2025 — SAP NetWeaver AS JAVA (User Admin Application) is vulnerable to stored cross site scripting vulnerability. An attacker posing as an admin can upload a photo with malicious JS content. When a victim visits the vulnerable component, the attacker can read and modify information within the scope of victim's web browser. • https://me.sap.com/notes/3514421 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47580 – Multiple vulnerabilities in SAP NetWeaver AS for JAVA(Adobe Document Services)
https://notcve.org/view.php?id=CVE-2024-47580
10 Dec 2024 — An attacker authenticated as an administrator can use an exposed webservice to create a PDF with an embedded attachment. By specifying the file to be an internal server file and subsequently downloading the generated PDF, the attacker can read any file on the server with no effect on integrity or availability. • https://me.sap.com/notes/3536965 • CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47579 – Multiple vulnerabilities in SAP NetWeaver AS for JAVA(Adobe Document Services)
https://notcve.org/view.php?id=CVE-2024-47579
10 Dec 2024 — An attacker authenticated as an administrator can use an exposed webservice to upload or download a custom PDF font file on the system server. Using the upload functionality to copy an internal file into a font file and subsequently using the download functionality to retrieve that file allows the attacker to read any file on the server with no effect on integrity or availability • https://me.sap.com/notes/3536965 • CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47578 – Multiple vulnerabilities in SAP NetWeaver AS for JAVA(Adobe Document Services)
https://notcve.org/view.php?id=CVE-2024-47578
10 Dec 2024 — Adobe Document Service allows an attacker with administrator privileges to send a crafted request from a vulnerable web application. It is usually used to target internal systems behind firewalls that are normally inaccessible to an attacker from the external network, resulting in a Server-Side Request Forgery vulnerability. On successful exploitation, the attacker can read or modify any file and/or make the entire system unavailable. • https://me.sap.com/notes/3536965 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 6.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45283 – Information disclosure vulnerability in SAP NetWeaver AS for Java (Destination Service)
https://notcve.org/view.php?id=CVE-2024-45283
10 Sep 2024 — SAP NetWeaver AS for Java allows an authorized attacker to obtain sensitive information. The attacker could obtain the username and password when creating an RFC destination. After successful exploitation, an attacker can read the sensitive information but cannot modify or delete the data. • https://me.sap.com/notes/3477359 • CWE-256: Plaintext Storage of a Password •