Browse all 778 CVE security advisories affecting SAP SE. AI-powered Chinese analysis, POCs, and references for each vulnerability.
SAP SE develops enterprise resource planning software that manages business processes for large organizations globally. With 778 recorded CVEs, its attack surface reflects the complexity of its extensive codebase. Historically, vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation or insecure default configurations. These flaws allow attackers to bypass authentication, access sensitive data, or execute arbitrary commands on affected systems. Notable incidents include critical flaws in SAP NetWeaver and SAP HANA, which have been actively exploited in the wild. The company maintains a rigorous security response program, issuing regular patches for identified weaknesses. However, the sheer volume of integrations and legacy components continues to present challenges for comprehensive vulnerability management. Organizations deploying SAP solutions must prioritize timely patching and strict access controls to mitigate these persistent risks effectively.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2020-6238 | SAP Commerce 代码问题漏洞 — SAP Commerce | 10.0 | - | 2020-04-14 |
| CVE-2020-6236 | SAP Landscape Management和Adaptive Extensions 安全漏洞 — SAP Landscape Management | 7.2 | - | 2020-04-14 |
| CVE-2020-6234 | SAP Host Agent 安全漏洞 — SAP Host Agent | 7.2 | - | 2020-04-14 |
| CVE-2020-6232 | SAP Commerce 安全漏洞 — SAP Commerce | 5.3 | - | 2020-04-14 |
| CVE-2020-6237 | SAP Business Objects Business Intelligence Platform 信息泄露漏洞 — SAP Business Objects Business Intelligence Platform | 7.5 | - | 2020-04-14 |
| CVE-2020-6235 | SAP Solution Manager 访问控制错误漏洞 — SAP Solution Manager (Diagnostics Agent) | 8.6 | - | 2020-04-14 |
| CVE-2020-6233 | SAP Financial Products Subledger和Banking Services 安全漏洞 — SAP S/4 HANA (Financial Products Subledger and Banking Services) (FSAPPL) | 6.5 | - | 2020-04-14 |
| CVE-2020-6230 | SAP OrientDB 代码注入漏洞 — SAP OrientDB | 8.8 | - | 2020-04-14 |
| CVE-2020-6226 | SAP Business Objects Business Intelligence Platform 跨站脚本漏洞 — SAP Business Objects Business Intelligence Platform (Web Intelligence HTML interface) | 5.4 | - | 2020-04-14 |
| CVE-2020-6231 | SAP Business Objects Business Intelligence Platform 跨站脚本漏洞 — SAP Business Objects Business Intelligence Platform (Web Intelligence HTML interface) | 5.4 | - | 2020-04-14 |
| CVE-2020-6228 | SAP Business Client 安全漏洞 — SAP Business Client | 7.5 | - | 2020-04-14 |
| CVE-2020-6224 | SAP NetWeaver AS Java 信息泄露漏洞 — SAP NetWeaver AS Java (HTTP Service) | 6.8 | - | 2020-04-14 |
| CVE-2020-6229 | SAP NetWeaver AS ABAP 跨站脚本漏洞 — SAP NetWeaver AS ABAP (Business Server Pages application CRM_BSP_FRAME) | 6.1 | - | 2020-04-14 |
| CVE-2020-6227 | SAP Business Objects Business Intelligence Platform 输入验证错误漏洞 — SAP Business Objects Business Intelligence Platform (CMS / Auditing issues) | 7.5 | - | 2020-04-14 |
| CVE-2020-6219 | SAP Business Objects Business Intelligence Platform 代码问题漏洞 — SAP Business Objects Business Intelligence Platform (CrystalReports WebForm Viewer)CWE-502 | 8.8 | - | 2020-04-14 |
| CVE-2020-6222 | SAP Business Objects Business Intelligence Platform 跨站脚本漏洞 — SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface) | 5.4 | - | 2020-04-14 |
| CVE-2020-6216 | SAP Business Objects Business Intelligence Platform 跨站脚本漏洞 — SAP Business Objects Business Intelligence Platform (BI Launchpad) | 6.1 | - | 2020-04-14 |
| CVE-2020-6221 | SAP Business Objects Business Intelligence Platform 跨站脚本漏洞 — SAP BusinessObjects Business Intelligence Platform | 5.4 | - | 2020-04-14 |
| CVE-2020-6223 | SAP Business Objects Business Intelligence Platform 输入验证错误漏洞 — SAP Business Objects Business Intelligence Platform | 5.4 | - | 2020-04-14 |
| CVE-2020-6218 | SAP Business Objects Business Intelligence Platform 信息泄露漏洞 — SAP Business Objects Business Intelligence Platform | 7.7 | - | 2020-04-14 |
| CVE-2020-6214 | SAP S/4HANA 安全漏洞 — SAP S/4HANA (Financial Products Subledger)CWE-863 | 6.3 | - | 2020-04-14 |
| CVE-2020-6215 | SAP NetWeaver AS ABAP Business Server 输入验证错误漏洞 — SAP NetWeaver AS ABAP (Business Server Pages Test Application IT00) | 6.1 | - | 2020-04-14 |
| CVE-2020-6210 | SAP Fiori Launchpad 跨站脚本漏洞 — SAP Fiori Launchpad | 6.1 | - | 2020-03-10 |
| CVE-2020-6209 | SAP Disclosure Management 安全漏洞 — SAP Disclosure Management | 8.8 | - | 2020-03-10 |
| CVE-2020-6208 | SAP Business Objects Business Intelligence Platform 代码注入漏洞 — SAP Business Objects Business Intelligence Platform (Crystal Reports) | 8.2 | - | 2020-03-10 |
| CVE-2020-6207 | SAP Solution Manager 访问控制错误漏洞 — SAP Solution Manager (User Experience Monitoring) | 9.8 | - | 2020-03-10 |
| CVE-2020-6206 | SAP Cloud Platform Integration for Data Services 跨站请求伪造漏洞 — SAP Cloud Platform Integration for Data Services | 7.1 | - | 2020-03-10 |
| CVE-2020-6205 | SAP NetWeaver AS ABAP Business Server Pages 跨站脚本漏洞 — SAP NetWeaver Application Server ABAP (Smart Forms) - SAP_BASIS | 8.2 | - | 2020-03-10 |
| CVE-2020-6204 | SAP Treasury and Risk Management 安全漏洞 — SAP Treasury and Risk Management (Transaction Management) (EA-FINSERV) | 4.3 | - | 2020-03-10 |
| CVE-2020-6203 | SAP NetWeaver UDDI Server 路径遍历漏洞 — SAP NetWeaver UDDI Server (Services Registry) | 9.1 | - | 2020-03-10 |
This page lists every published CVE security advisory associated with SAP SE. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.