cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-24743,https://securityvulnerability.io/vulnerability/CVE-2024-24743,SAP NetWeaver AS Java Vulnerability Allows Unauthorized Access to Sensitive Data,"An XML parsing vulnerability exists in SAP NetWeaver AS Java (CAF - Guided Procedures) version 7.50. This vulnerability allows an unauthenticated attacker to send specially crafted XML requests over the network, enabling access to sensitive files and information stored within the system. Although the attacker cannot modify the accessed data, this situation raises concerns over data security and privacy. The system does implement expansion limits to ensure that the availability of the application is not compromised.",SAP,SAP Netweaver As Java (guided Procedures),8.6,HIGH,0.0009399999980814755,false,false,false,false,,false,false,2024-02-13T02:43:40.755Z,0
CVE-2023-41367,https://securityvulnerability.io/vulnerability/CVE-2023-41367,Missing Authentication check in SAP NetWeaver (Guided Procedures),"Due to missing authentication check in webdynpro application, an unauthorized user in SAP NetWeaver (Guided Procedures) - version 7.50, can gain access to admin view of specific function anonymously. On successful exploitation of vulnerability under specific circumstances, attacker can view user’s email address. There is no integrity/availability impact. ",SAP,SAP Netweaver (guided Procedures),5.3,MEDIUM,0.0006799999973736703,false,false,false,false,,false,false,2023-09-12T02:15:00.000Z,0
CVE-2021-33671,https://securityvulnerability.io/vulnerability/CVE-2021-33671,,"SAP NetWeaver Guided Procedures (Administration Workset), versions - 7.10, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. The impact of missing authorization could result to abuse of functionality restricted to a particular user group, and could allow unauthorized users to read, modify or delete restricted data.",SAP,SAP Netweaver Guided Procedures (administration Workset),7.6,HIGH,0.0010400000028312206,false,false,false,false,,false,false,2021-07-14T11:03:32.000Z,0
CVE-2020-6187,https://securityvulnerability.io/vulnerability/CVE-2020-6187,,"SAP NetWeaver (Guided Procedures), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently validate an XML document input from a compromised admin, leading to Denial of Service.",SAP,SAP Netweaver (guided Procedures),4.9,MEDIUM,0.0008099999977275729,false,false,false,false,,false,false,2020-02-12T19:45:46.000Z,0