Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

SAP — Vulnerabilities & Security Advisories 159

Browse all 159 CVE security advisories affecting SAP. AI-powered Chinese analysis, POCs, and references for each vulnerability.

SAP operates enterprise resource planning software that manages core business processes for global organizations. With 159 recorded CVEs, the platform has historically been susceptible to remote code execution, cross-site scripting, and privilege escalation flaws. These vulnerabilities often stem from complex integrations and legacy codebases, allowing attackers to bypass authentication or execute arbitrary commands. Notable incidents include critical flaws in SAP NetWeaver and SAP HANA, which exposed sensitive data and enabled unauthorized system access. The sheer scale of SAP deployments makes it a high-value target for ransomware groups and state-sponsored actors seeking to disrupt supply chains or financial operations. Security teams must prioritize patching these known weaknesses, as unaddressed vulnerabilities can lead to significant data breaches and operational downtime. Continuous monitoring and strict access controls are essential to mitigate the inherent risks associated with such a pervasive enterprise ecosystem.

Top products by SAP: NetWeaver AS for ABAP and ABAP Platform SAP Fiori Client SAP BusinessObjects Business Intelligence Platform SAP HANA extended application services NetWeaver AS ABAP (BSP Framework) NetWeaver Application Server for ABAP and ABAP Platform BusinessObjects Business Intelligence Platform (Web Services) SAP Internet Graphics Server (IGS) NetWeaver AS for Java SAP BusinessObjects Business Intelligence SAP HANA CRM (WebClient UI) Application Interface Framework (Message Dashboard) Business Planning and Consolidation SAP NetWeaver AS Java (ServerCore) NetWeaver Process Integration SAP Adaptive Server Enterprise (ASE) Solution Manager SAP BusinessObjects Business Intelligence Suite SAP Enterprise Financial Services Solution Manager (BSP Application) NetWeaver ABAP Server and ABAP Platform NetWeaver AS ABAP and ABAP Platform HCM Fiori App My Forms (Fiori 2.0) Bank Account Management (Manage Banks) Commerce Webservices 2.0 (Swagger UI) Sourcing and SAP Contract Lifecycle Management BusinessObjects Business Intelligence Platform Disclosure Management BASIS
CVE IDTitleCVSSSeverityPublished
CVE-2018-2473 SAP BusinessObjects Business Intelligence Platform Server 安全漏洞 — SAP BusinessObjects Business Intelligence Platform Server 7.5 -2018-11-13
CVE-2018-2476 SAP NetWeaver 安全漏洞 — SAP NetWeaver (forums) 6.1 -2018-11-13
CVE-2018-2477 SAP NetWeaver Knowledge Management (XMLForms) 安全漏洞 — Knowledge Management (XMLForms) in SAP NetWeaver 8.8 -2018-11-13
CVE-2018-2478 SAP BASIS 安全漏洞 — SAP Basis (TREX / BWA installation) 7.2 -2018-11-13
CVE-2018-2479 SAP BusinessObjects Business Intelligence Platform 跨站脚本漏洞 — SAP BusinessObjects Business Intelligence Platform (BIWorkspace) 6.1 -2018-11-13
CVE-2018-2481 SAP_ABA 安全漏洞 — SAP_ABA 7.2 -2018-11-13
CVE-2018-2482 SAP Mobile Secure for Android 安全漏洞 — SAP Mobile Secure Android Application 6.2 -2018-11-13
CVE-2018-2483 SAP BusinessObjects Business Intelligence Platform BI CMC 输入验证错误漏洞 — SAP BusinessObjects Business Intelligence Platform 5.3 -2018-11-13
CVE-2018-2485 SAP Fiori Client 安全漏洞 — SAP Fiori Client 7.3 -2018-11-13
CVE-2018-2487 SAP Disclosure Management 信息泄露漏洞 — SAP Disclosure Management 7.7 -2018-11-13
CVE-2018-2488 SAP Fiori Client 输入验证错误漏洞 — SAP Fiori Client 7.8 -2018-11-13
CVE-2018-2489 SAP Fiori Client 安全漏洞 — SAP Fiori Client 5.5 -2018-11-13
CVE-2018-2490 SAP Fiori Client 安全漏洞 — SAP Fiori Client 7.8 -2018-11-13
CVE-2018-2491 SAP Fiori Client 安全漏洞 — SAP Fiori Client 7.8 -2018-11-13
CVE-2018-2466 SAP Data Services 跨站脚本漏洞 — SAP Data Services 6.1 -2018-10-09
CVE-2018-2467 SAP BusinessObjects Business Intelligence Platform Servers Software Development Kit 信息泄露漏洞 — SAP BusinessObjects BI Platform Servers (Software Development Kit) 5.3 -2018-10-09
CVE-2018-2468 SAP Adaptive Server Enterprise 信息泄露漏洞 — SAP Adaptive Server Enterprise (ASE) 7.5 -2018-10-09
CVE-2018-2469 SAP Adaptive Server Enterprise 信息泄露漏洞 — SAP Adaptive Server Enterprise (ASE) 7.5 -2018-10-09
CVE-2018-2470 SAP NetWeaver Application Server for ABAP 跨站脚本漏洞 — SAP NetWeaver Application Server for ABAP 6.1 -2018-10-09
CVE-2018-2471 SAP BusinessObjects Business Intelligence Platform 信息泄露漏洞 — SAP BusinessObjects Business Intelligence Platform 7.5 -2018-10-09
CVE-2018-2472 SAP BusinessObjects Business Intelligence Platform 跨站脚本漏洞 — SAP BusinessObjects Business Intelligence Platform 5.4 -2018-10-09
CVE-2018-2474 SAP ERP HCM SAP Fiori 跨站请求伪造漏洞 — SAP Fiori 1.0 for SAP ERP HCM (Approve Leave Request, version 2) 8.1 -2018-10-09
CVE-2018-2475 Gardener 访问控制错误漏洞 — project “Gardener” 8.5 -2018-10-09
CVE-2018-2452 SAP NetWeaver AS Java 跨站脚本漏洞 — SAP NetWeaver AS Java 6.1 -2018-09-11
CVE-2018-2454 SAP Enterprise Financial Services 安全漏洞 — SAP Enterprise Financial Services 8.8 -2018-09-11
CVE-2018-2455 SAP Enterprise Financial Services 安全漏洞 — SAP Enterprise Financial Services 8.8 -2018-09-11
CVE-2018-2457 SAP Adaptive Server Enterprise 信息泄露漏洞 — SAP Adaptive Server Enterprise 6.5 -2018-09-11
CVE-2018-2458 SAP Business One 信息泄露漏洞 — SAP Business One 6.5 -2018-09-11
CVE-2018-2459 SAP Mobile Platform Offline OData application 安全漏洞 — SAP Mobile Platform 7.5 -2018-09-11
CVE-2018-2460 SAP Business One Android Application 安全漏洞 — SAP Business One Android application 5.9 -2018-09-11

This page lists every published CVE security advisory associated with SAP. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.