SAP 厂商相关 159 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。
SAP 是全球领先的企业应用软件供应商,其核心产品涵盖 ERP、CRM 及数据分析平台。历史漏洞多集中于远程代码执行、SQL 注入及身份验证绕过,常因复杂集成架构引发越权访问。近期重大事件涉及多个高严重性 CVE,影响部分云端及本地部署版本。厂商持续发布安全补丁以修复逻辑缺陷,建议用户及时更新并强化访问控制策略,降低潜在攻击面。
| CVE ID | タイトル | CVSS | 深刻度 | 公開日 |
|---|---|---|---|---|
| CVE-2018-2461 | SAP HCM Fiori People Profile GBX01 HR 安全漏洞 — GBX01 HR | 8.8 | - | 2018-09-11 |
| CVE-2018-2462 | SAP NetWeaver BI 安全漏洞 — SAP NetWeaver BI | 8.3 | - | 2018-09-11 |
| CVE-2018-2463 | SAP Hybris Commerce Omni Commerce Connect API 代码问题漏洞 — SAP Hybris Commerce | 8.6 | - | 2018-09-11 |
| CVE-2018-2464 | SAP WebDynpro Java 跨站脚本漏洞 — SAP WebDynpro | 6.1 | - | 2018-09-11 |
| CVE-2018-2465 | SAP HANA 安全漏洞 — SAP HANA | 7.5 | - | 2018-09-11 |
| CVE-2018-2441 | SAP KERNEL 输入验证错误漏洞 — SAP Change and Transport System (ABAP) | 7.5 | - | 2018-08-14 |
| CVE-2018-2442 | SAP BusinessObjects Business Intelligence 跨站请求伪造漏洞 — SAP BusinessObjects Business Intelligence | 4.3 | - | 2018-08-14 |
| CVE-2018-2444 | SAP Business Objects Financial Consolidation 跨站脚本漏洞 — SAP BusinessObjects Financial Consolidation | 6.1 | - | 2018-08-14 |
| CVE-2018-2445 | SAP BusinessObjects Business Intelligence Admin Tools 安全漏洞 — SAP BusinessObjects Business Intelligence Platform | 9.6 | - | 2018-08-14 |
| CVE-2018-2446 | SAP BusinessObjects Business Intelligence Admin Tools 信息泄露漏洞 — SAP BusinessObjects Business Intelligence | 7.5 | - | 2018-08-14 |
| CVE-2018-2447 | SAP BusinessObjects Business Intelligence 安全漏洞 — SAP BusinessObjects Business Intelligence | 6.5 | - | 2018-08-14 |
| CVE-2018-2448 | SAP BusinessObjects Business Intelligence Platform Admin Tools 信息泄露漏洞 — SAP SRM-MDM CATALOG | 5.3 | - | 2018-08-14 |
| CVE-2018-2449 | SAP SRM MDM Catalog 安全漏洞 — SAP Supplier Relationship Management Master Data Management Catalog | 8.2 | - | 2018-08-14 |
| CVE-2018-2450 | SAP MaxDB(liveCache安全漏洞 — SAP MaxDB (liveCache) | 7.2 | - | 2018-08-14 |
| CVE-2018-2451 | SAP HANA Extended Application Services 代码问题漏洞 — SAP HANA Extended Application Services | 7.5 | - | 2018-08-14 |
| CVE-2018-2427 | SAP BusinessObjects Business Intelligence Suite和Crystal Reports 代码注入漏洞 — SAP BusinessObjects Business Intelligence Suite | 8.8 | - | 2018-07-10 |
| CVE-2018-2431 | SAP BusinessObjects Business Intelligence Suite 跨站脚本漏洞 — SAP BusinessObjects Business Intelligence Suite | 6.1 | - | 2018-07-10 |
| CVE-2018-2432 | SAP BusinessObjects Business Intelligence 跨站脚本漏洞 — SAP BusinessObjects Business Intelligence (BI Launchpad and Central Management Console) | 5.4 | - | 2018-07-10 |
| CVE-2018-2433 | SAP Gateway 安全漏洞 — SAP Gateway | 7.5 | - | 2018-07-10 |
| CVE-2018-2434 | SAP UI、NetWeaver和UI_Infra 输入验证错误漏洞 — SAP NetWeaver (UI_Infra) | 4.3 | - | 2018-07-10 |
| CVE-2018-2435 | SAP NetWeaver Enterprise Portal 跨站脚本漏洞 — SAP NetWeaver Enterprise Portal | 6.1 | - | 2018-07-10 |
| CVE-2018-2436 | SAP R/3 Enterprise Retail (EHP6) Executing transaction WRCK 安全漏洞 — SAP R/3 Enterprise Retail | 8.8 | - | 2018-07-10 |
| CVE-2018-2437 | SAP Internet Graphics Server 命令注入漏洞 — SAP Internet Graphics Server (IGS) | 9.1 | - | 2018-07-10 |
| CVE-2018-2438 | SAP Internet Graphics Server 安全漏洞 — SAP Internet Graphics Server (IGS) | 7.5 | - | 2018-07-10 |
| CVE-2018-2439 | SAP Internet Graphics Server 安全漏洞 — SAP Internet Graphics Server (IGS) | 5.9 | - | 2018-07-10 |
| CVE-2018-2440 | SAP Dynamic Authorization Management by NextLabs 安全漏洞 — SAP Dynamic Authorization Management (DAM) by NextLabs (Java Policy Controller versions) | 4.4 | - | 2018-07-10 |
| CVE-2018-2416 | SAP Identity Management 安全漏洞 — SAP Identity Management | 7.1 | - | 2018-05-09 |
| CVE-2017-16678 | SAP NetWeaver Knowledge Management Configuration Service 代码问题漏洞 — SAP NetWeaver Knowledge Management Configuration Service | 5.5 | - | 2017-12-12 |
| CVE-2017-16679 | SAP KERNEL SAP Startup Service 安全漏洞 — SAP Startup Service | 6.1 | - | 2017-12-12 |
| CVE-2017-16680 | SAP HANA Extended Application Services 安全漏洞 — SAP HANA extended application services | 7.5 | - | 2017-12-12 |
本页汇总了 SAP 厂商截至目前公开的全部 159 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。