CVSS: 7.5EPSS: 0%CPEs: 24EXPL: 0CVE-2022-22543
https://notcve.org/view.php?id=CVE-2022-22543
09 Feb 2022 — SAP NetWeaver Application Server for ABAP (Kernel) and ABAP Platform (Kernel) - versions KERNEL 7.22, 8.04, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, KRNL64UC 8.04, 7.22, 7.22EXT, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT, 7.49, does not sufficiently validate sap-passport information, which could lead to a Denial-of-Service attack. This allows an unauthorized remote user to provoke a breakdown of the SAP Web Dispatcher or Kernel work process. The crashed process can be restarted immediately, other processes are n... • https://launchpad.support.sap.com/#/notes/3116223 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.8EPSS: 1%CPEs: 7EXPL: 0CVE-2019-0257
https://notcve.org/view.php?id=CVE-2019-0257
15 Feb 2019 — Customizing functionality of SAP NetWeaver AS ABAP Platform (fixed in versions from 7.0 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.53, from 7.74 to 7.75) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. La funcionalidad de personalización de SAP NetWeaver AS ABAP Platform (solucionado en versiones desde la 7.0 hasta la 7.02, desde la 7.10 hasta la 7.11, la 7.30, 7.31, 7.40, desde la 7.50 hasta la 7.53 y desde la 7.74 hasta la... • http://www.securityfocus.com/bid/106999 • CWE-862: Missing Authorization •