Browse all 778 CVE security advisories affecting SAP SE. AI-powered Chinese analysis, POCs, and references for each vulnerability.
SAP SE develops enterprise resource planning software that manages business processes for large organizations globally. With 778 recorded CVEs, its attack surface reflects the complexity of its extensive codebase. Historically, vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation or insecure default configurations. These flaws allow attackers to bypass authentication, access sensitive data, or execute arbitrary commands on affected systems. Notable incidents include critical flaws in SAP NetWeaver and SAP HANA, which have been actively exploited in the wild. The company maintains a rigorous security response program, issuing regular patches for identified weaknesses. However, the sheer volume of integrations and legacy components continues to present challenges for comprehensive vulnerability management. Organizations deploying SAP solutions must prioritize timely patching and strict access controls to mitigate these persistent risks effectively.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-26104 | SAP Financial Consolidation 安全漏洞 — SAP Financial Consolidation | 5.3 | - | 2022-03-08 |
| CVE-2022-26103 | SAP Netweaver 安全漏洞 — SAP NetWeaver (Real Time Messaging Framework)CWE-862 | 5.3 | - | 2022-03-08 |
| CVE-2022-26101 | SAP Fiori 跨站脚本漏洞 — Fiori LaunchpadCWE-79 | 6.1 | - | 2022-03-08 |
| CVE-2022-22547 | SAP Focused Run 信息泄露漏洞 — Simple Diagnostics AgentCWE-200 | 7.5 | - | 2022-03-08 |
| CVE-2022-24399 | SAP Focused Run 跨站脚本漏洞 — SAP Focused Run (Real User Monitoring)CWE-79 | 6.1 | - | 2022-03-08 |
| CVE-2022-24395 | SAP Enterprise Portal 跨站脚本漏洞 — SAP NetWeaver Enterprise PortalCWE-79 | 6.1 | - | 2022-03-08 |
| CVE-2022-26100 | SAP SAPCAR 输入验证错误漏洞 — SAPCARCWE-129 | 9.8 | - | 2022-03-08 |
| CVE-2022-26102 | SAP NetWeaver Application Server 安全漏洞 — SAP NetWeaver Application Server for ABAPCWE-862 | 5.4 | - | 2022-03-08 |
| CVE-2022-24396 | SAP Focused Run 安全漏洞 — SAP Focused Run (Simple Diagnostics Agent)CWE-306 | 7.8 | - | 2022-03-08 |
| CVE-2022-24398 | SAP Business Objects Business Intelligence Platform 信息泄露漏洞 — SAP Business Objects Business Intelligence PlatformCWE-200 | 6.5 | - | 2022-03-08 |
| CVE-2022-22544 | SAP Solution Manager 安全漏洞 — SAP Solution Manager (Diagnostics Root Cause Analysis Tools) | 9.1 | - | 2022-02-09 |
| CVE-2022-22546 | SAP Business Objects Web Intelligence 跨站脚本漏洞 — SAP Business Objects Web Intelligence (BI Launchpad)CWE-79 | 5.4 | - | 2022-02-09 |
| CVE-2022-22545 | SAP NetWeaver Application Server 信息泄露漏洞 — SAP NetWeaver Application Server ABAP and ABAP PlatformCWE-200 | 4.9 | - | 2022-02-09 |
| CVE-2022-22543 | SAP NetWeaver Application Server 资源管理错误漏洞 — SAP NetWeaver Application Server for ABAP (Kernel) and ABAP Platform (Kernel)CWE-400 | 7.5 | - | 2022-02-09 |
| CVE-2022-22542 | Sap Crm Web Channel 信息泄露漏洞 — SAP S/4HANA (Supplier Factsheet and Enterprise Search for Business Partner, Supplier and Customer)CWE-200 | 6.5 | - | 2022-02-09 |
| CVE-2022-22539 | SAP 3D Visual Enterprise Viewer 输入验证错误漏洞 — SAP 3D Visual Enterprise ViewerCWE-20 | 6.5 | - | 2022-02-09 |
| CVE-2022-22536 | SAP多个产品环境问题漏洞 — SAP NetWeaver and ABAP PlatformCWE-444 | 9.8 | - | 2022-02-09 |
| CVE-2022-22540 | SAP NetWeaver AS SQL注入漏洞 — SAP NetWeaver AS ABAP (Workplace Server)CWE-89 | 7.5 | - | 2022-02-09 |
| CVE-2022-22538 | SAP多个产品输入验证错误漏洞 — SAP 3D Visual Enterprise ViewerCWE-20 | 6.5 | - | 2022-02-09 |
| CVE-2022-22537 | SAP 3D Visual Enterprise Viewer 输入验证错误漏洞 — SAP 3D Visual Enterprise ViewerCWE-20 | 6.5 | - | 2022-02-09 |
| CVE-2022-22535 | SAP ERP HCM 安全漏洞 — SAP ERP HCM (Portugal)CWE-862 | - | - | 2022-02-09 |
| CVE-2022-22534 | SAP Netweaver 跨站脚本漏洞 — SAP NetWeaver (ABAP and Java application Servers) | 6.1 | - | 2022-02-09 |
| CVE-2022-22533 | SAP NetWeaver Application Server Java 资源管理错误漏洞 — SAP NetWeaver Application Server JavaCWE-416 | 7.5 | - | 2022-02-09 |
| CVE-2022-22532 | SAP多个产品环境问题漏洞 — SAP NetWeaver Application Server JavaCWE-444 | 9.8 | - | 2022-02-09 |
| CVE-2022-22528 | SAP Adaptive Server Enterprise 代码问题漏洞 — SAP Adaptive Server EnterpriseCWE-427 | 7.8 | - | 2022-02-09 |
| CVE-2021-42067 | SAP NetWeaver AS 安全漏洞 — SAP NetWeaver AS for ABAP and ABAP Platform | 4.3 | - | 2022-01-14 |
| CVE-2022-22529 | SAP Enterprise Threat Detection 跨站脚本漏洞 — SAP Enterprise Threat Detection | 6.1 | - | 2022-01-14 |
| CVE-2022-22531 | SAP ERP 安全漏洞 — SAP S/4HANA | 7.1 | - | 2022-01-14 |
| CVE-2021-44234 | SAP Business One 日志信息泄露漏洞 — SAP Business OneCWE-532 | 5.5 | - | 2022-01-14 |
| CVE-2022-22530 | SAP ERP 安全漏洞 — SAP S/4HANA | 8.1 | - | 2022-01-14 |
This page lists every published CVE security advisory associated with SAP SE. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.