Browse all 778 CVE security advisories affecting SAP SE. AI-powered Chinese analysis, POCs, and references for each vulnerability.
SAP SE develops enterprise resource planning software that manages business processes for large organizations globally. With 778 recorded CVEs, its attack surface reflects the complexity of its extensive codebase. Historically, vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation or insecure default configurations. These flaws allow attackers to bypass authentication, access sensitive data, or execute arbitrary commands on affected systems. Notable incidents include critical flaws in SAP NetWeaver and SAP HANA, which have been actively exploited in the wild. The company maintains a rigorous security response program, issuing regular patches for identified weaknesses. However, the sheer volume of integrations and legacy components continues to present challenges for comprehensive vulnerability management. Organizations deploying SAP solutions must prioritize timely patching and strict access controls to mitigate these persistent risks effectively.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2020-6299 | SAP NetWeaver AS ABAP和ABAP Platform 信息泄露漏洞 — SAP NetWeaver (ABAP Server) and ABAP Platform | 4.3 | - | 2020-08-12 |
| CVE-2020-6298 | SAP Banking Services 安全漏洞 — SAP Banking Services (Generic Market Data) | 8.1 | - | 2020-08-12 |
| CVE-2020-6297 | SAP Data Intelligence 信息泄露漏洞 — SAP Data Intelligence | 5.5 | - | 2020-08-12 |
| CVE-2020-6296 | SAP NetWeaver AS ABAP和ABAP Platform 代码注入漏洞 — SAP NetWeaver (ABAP Server) and ABAP Platform | 9.8 | - | 2020-08-12 |
| CVE-2020-6295 | SAP Adaptive Server Enterprise 信息泄露漏洞 — SAP Adaptive Server Enterprise | 7.8 | - | 2020-08-12 |
| CVE-2020-6294 | SAP Business Objects Business Intelligence Platform 访问控制错误漏洞 — SAP Business Objects Business Intelligence Platform | 9.8 | - | 2020-08-12 |
| CVE-2020-6293 | SAP NetWeaver Knowledge Management 代码问题漏洞 — SAP NetWeaver (Knowledge Management) | 9.4 | - | 2020-08-12 |
| CVE-2020-6284 | SAP NetWeaver Knowledge Management 跨站脚本漏洞 — SAP NetWeaver (Knowledge Management) | 9.0 | - | 2020-08-12 |
| CVE-2020-6273 | SAP S/4 HANA Fiori UI for General Ledger Accounting 安全漏洞 — SAP S/4 HANA (Fiori UI for General Ledger Accounting) | 4.3 | - | 2020-08-12 |
| CVE-2020-6267 | SAP Disclosure Management 跨站脚本漏洞 — SAP Disclosure ManagementCWE-1004 | 6.5 | - | 2020-07-14 |
| CVE-2020-6276 | SAP Business Objects Business Intelligence Platform 跨站脚本漏洞 — SAP Business Objects Business Intelligence Platform (bipodata) | 5.4 | - | 2020-07-14 |
| CVE-2020-6278 | SAP Business Objects Business Intelligence Platform 跨站脚本漏洞 — SAP Business Objects Business Intelligence Platform (BI Launchpad and CMC) | 5.4 | - | 2020-07-14 |
| CVE-2020-6280 | SAP NetWeaver AS ABAP和ABAP Platform 信息泄露漏洞 — SAP NetWeaver (ABAP Server) and ABAP Platform | 4.9 | - | 2020-07-14 |
| CVE-2020-6281 | SAP Business Objects Business Intelligence Platform 跨站脚本漏洞 — SAP Business Objects Business Intelligence Platform (BI Launchpad) | 6.1 | - | 2020-07-14 |
| CVE-2020-6282 | SAP NetWeaver AS JAVA 代码问题漏洞 — SAP NetWeaver AS JAVA (IIOP service) (SERVERCORE) | 5.8 | - | 2020-07-14 |
| CVE-2020-6285 | SAP NetWeaver-XML Toolkit for JAVA 信息泄露漏洞 — SAP NetWeaver - XML Toolkit for JAVA (ENGINEAPI) | 6.5 | - | 2020-07-14 |
| CVE-2020-6286 | SAP NetWeaver AS JAVA 路径遍历漏洞 — SAP NetWeaver AS JAVA (LM Configuration Wizard) | 5.3 | - | 2020-07-14 |
| CVE-2020-6287 | SAP NetWeaver AS JAVA 授权问题漏洞 — SAP NetWeaver AS JAVA (LM Configuration Wizard) | 10.0 | - | 2020-07-14 |
| CVE-2020-6289 | SAP Disclosure Management 跨站请求伪造漏洞 — SAP Disclosure Management | 8.8 | - | 2020-07-14 |
| CVE-2020-6290 | SAP Disclosure Management 授权问题漏洞 — SAP Disclosure Management | 5.4 | - | 2020-07-14 |
| CVE-2020-6291 | SAP Disclosure Management 代码问题漏洞 — SAP Disclosure Management | 8.8 | - | 2020-07-14 |
| CVE-2020-6292 | SAP Disclosure Management 代码问题漏洞 — SAP Disclosure ManagementCWE-613 | 8.8 | - | 2020-07-14 |
| CVE-2020-6261 | SAP Solution Manager 注入漏洞 — SAP Solution Manager (Trace Analysis) | - | - | 2020-07-01 |
| CVE-2020-6266 | SAP Fiori 输入验证错误漏洞 — SAP Fiori for SAP S/4HANA | 6.1 | - | 2020-06-10 |
| CVE-2020-6264 | SAP Commerce 信息泄露漏洞 — SAP Commerce | 7.5 | - | 2020-06-10 |
| CVE-2020-6263 | SAP NetWeaver AS Java 授权问题漏洞 — SAP NetWeaver AS JAVA | 9.8 | - | 2020-06-10 |
| CVE-2020-6260 | SAP Solution Manager 安全漏洞 — SAP Solution Manager (Trace Analysis) | 5.3 | - | 2020-06-10 |
| CVE-2020-6275 | SAP NetWeaver AS ABAP 代码问题漏洞 — SAP Netweaver AS ABAP | 9.8 | - | 2020-06-10 |
| CVE-2020-6271 | SAP Solution Manager 安全漏洞 — SAP Solution Manager (Problem Context Manager) | 9.1 | - | 2020-06-10 |
| CVE-2020-6269 | SAP Business Objects Business Intelligence Platform 信息泄露漏洞 — SAP Business Objects Business Intelligence Platform | 6.5 | - | 2020-06-10 |
This page lists every published CVE security advisory associated with SAP SE. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.