Browse all 778 CVE security advisories affecting SAP SE. AI-powered Chinese analysis, POCs, and references for each vulnerability.
SAP SE develops enterprise resource planning software that manages business processes for large organizations globally. With 778 recorded CVEs, its attack surface reflects the complexity of its extensive codebase. Historically, vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation or insecure default configurations. These flaws allow attackers to bypass authentication, access sensitive data, or execute arbitrary commands on affected systems. Notable incidents include critical flaws in SAP NetWeaver and SAP HANA, which have been actively exploited in the wild. The company maintains a rigorous security response program, issuing regular patches for identified weaknesses. However, the sheer volume of integrations and legacy components continues to present challenges for comprehensive vulnerability management. Organizations deploying SAP solutions must prioritize timely patching and strict access controls to mitigate these persistent risks effectively.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-27611 | SAP NetWeaver AS ABAP Business Server 代码注入漏洞 — SAP NetWeaver AS ABAP | 6.7 | - | 2021-05-11 |
| CVE-2021-27612 | SAP GUI 输入验证错误漏洞 — SAP GUI for Windows | 6.1 | - | 2021-05-11 |
| CVE-2021-27613 | SAP Business One 信息泄露漏洞 — SAP Business One (Cookbooks) | 7.8 | - | 2021-05-11 |
| CVE-2021-27614 | SAP Business One 注入漏洞 — SAP Business One, version for SAP HANA (Cookbooks) | 7.1 | - | 2021-05-11 |
| CVE-2021-27616 | SAP Business One 权限许可和访问控制问题漏洞 — SAP Business One, version for SAP HANA (Cookbooks) | 7.8 | - | 2021-05-11 |
| CVE-2021-27617 | SAP Process Integration 资源管理错误漏洞 — SAP Process Integration (Integration Builder Framework) | 4.9 | - | 2021-05-11 |
| CVE-2021-27618 | SAP Process Integration 代码问题漏洞 — SAP Process Integration (Integration Builder Framework) | 4.9 | - | 2021-05-11 |
| CVE-2021-27619 | SAP Commerce 安全漏洞 — SAP Commerce (Backoffice Search) | 6.5 | - | 2021-05-11 |
| CVE-2021-27608 | SAP Setup 安全漏洞 — SAP Setup | 8.2 | - | 2021-04-14 |
| CVE-2021-27599 | SAP Netweaver 信息泄露漏洞 — SAP Process Integration (Integration Builder Framework) | 7.5 | - | 2021-04-14 |
| CVE-2021-27604 | SAP ERP 代码问题漏洞 — SAP Process Integration (Enterprise Service Repository JAVA Mappings)CWE-611 | 6.5 | - | 2021-04-14 |
| CVE-2021-27609 | SAP Focused Run 安全漏洞 — SAP Focused RUN | - | - | 2021-04-13 |
| CVE-2021-21485 | SAP NetWeaver Application Server 信息泄露漏洞 — SAP NetWeaver AS for JAVA (Telnet Commands) | 6.5 | - | 2021-04-13 |
| CVE-2021-27605 | SAP HCM Travel Management 安全漏洞 — SAP Fiori Apps 2.0 for Travel Management in SAP ERP | 4.3 | - | 2021-04-13 |
| CVE-2021-27601 | SAP Netweaver 跨站脚本漏洞 — SAP NetWeaver AS for Java (Applications based on HTMLB for Java) | 5.4 | - | 2021-04-13 |
| CVE-2021-27600 | SAP Manufacturing Execution 跨站脚本漏洞 — SAP Manufacturing Execution (System Rules) | 5.4 | - | 2021-04-13 |
| CVE-2021-27602 | SAP Commerce 代码注入漏洞 — SAP Commerce | 9.9 | - | 2021-04-13 |
| CVE-2021-27603 | SAP NetWeaver AS ABAP Business Server 安全漏洞 — SAP NetWeaver AS for ABAP | 7.5 | - | 2021-04-13 |
| CVE-2021-21492 | SAP NetWeaver Application Server Java 安全漏洞 — SAP NetWeaver AS for JAVA (HTTP Service)CWE-290 | 5.3 | - | 2021-04-13 |
| CVE-2021-21482 | SAP NetWeaver Master Data Management 信息泄露漏洞 — SAP NetWeaver Master Data Management | 8.1 | - | 2021-04-13 |
| CVE-2021-21483 | SAP Solution Manager 信息泄露漏洞 — SAP Solution Manager | 4.9 | - | 2021-04-13 |
| CVE-2021-27598 | SAP Netweaver 访问控制错误漏洞 — SAP NetWeaver AS for JAVA (Customer Usage Provisioning Servlet)CWE-284 | 5.3 | - | 2021-04-13 |
| CVE-2021-27594 | SAP 3D Visual Enterprise Viewer 输入验证错误漏洞 — SAP 3D Visual Enterprise Viewer | 3.3 | - | 2021-03-22 |
| CVE-2021-27596 | SAP 3D Visual Enterprise Viewer 输入验证错误漏洞 — SAP 3D Visual Enterprise Viewer | 3.3 | - | 2021-03-22 |
| CVE-2021-27595 | SAP 3D Visual Enterprise Viewer 输入验证错误漏洞 — SAP 3D Visual Enterprise Viewer | 5.5 | - | 2021-03-22 |
| CVE-2021-27593 | SAP 3D Visual Enterprise Viewer 安全漏洞 — SAP 3D Visual Enterprise Viewer | 3.3 | - | 2021-03-22 |
| CVE-2021-21491 | SAP Business Objects Business Intelligence Platform 输入验证错误漏洞 — SAP NetWeaver Application Server Java (Applications based on Web Dynpro Java) | 6.1 | - | 2021-03-10 |
| CVE-2021-27592 | SAP 3D Visual Enterprise Viewer 安全漏洞 — SAP 3D Visual Enterprise Viewer | 7.1 | - | 2021-03-09 |
| CVE-2021-27590 | SAP 3D Visual Enterprise Viewer 安全漏洞 — SAP 3D Visual Enterprise Viewer | 7.8 | - | 2021-03-09 |
| CVE-2021-27584 | SAP 3D Visual Enterprise Viewer 安全漏洞 — SAP 3D Visual Enterprise Viewer | 7.8 | - | 2021-03-09 |
This page lists every published CVE security advisory associated with SAP SE. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.