Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1020 CNY

100%
Buy Us a Coffee

SAP_SE — Vulnerabilities & Security Advisories 542

Browse all 542 CVE security advisories affecting SAP_SE. AI-powered Chinese analysis, POCs, and references for each vulnerability.

SAP SE operates as a global leader in enterprise application software, primarily providing ERP solutions that manage complex business processes, supply chains, and human resources for large organizations. This extensive attack surface has resulted in 527 recorded CVEs, reflecting the critical nature of its infrastructure. Historically, vulnerabilities within SAP systems frequently involve remote code execution, SQL injection, and cross-site scripting, often stemming from complex integrations and legacy components. Privilege escalation remains a significant concern, allowing unauthorized users to gain administrative access. While SAP maintains rigorous security protocols, past incidents highlight risks associated with default configurations and unpatched middleware. The company actively issues security patches, yet the sheer volume of disclosed flaws underscores the challenges of securing highly interconnected, mission-critical enterprise environments against sophisticated cyber threats.

Top products by SAP_SE: SAP BusinessObjects Business Intelligence Platform SAP NetWeaver Application server for ABAP and ABAP Platform SAP NetWeaver Application Server for ABAP SAP NetWeaver Application Server ABAP SAP GUI for Windows SAP NetWeaver Application Server ABAP and ABAP Platform SAP NetWeaver Application Server Java SAP Commerce Cloud SAP CRM WebClient UI SAP Business Connector SAP Fiori App (Intercompany Balance Reconciliation) SAP NetWeaver AS ABAP and ABAP Platform SAP Enable Now SAP NetWeaver Enterprise Portal SAP Supplier Relationship Management (Live Auction Cockpit) SAP NetWeaver SAP Solution Manager SAPCAR SAP NetWeaver AS Java SAP Commerce SAP Financial Consolidation SAP Web Dispatcher SAP NetWeaver AS for JAVA (Adobe Document Services) SAP Business One (SLD) SAP Supplier Relationship Management SAP CommonCryptoLib SAP Cloud Connector SAP BusinessObjects Business Intelligence Platform (Web Intelligence) SAP BusinessObjects Web Intelligence SAP MDM Server
CVE IDTitleCVSSSeverityPublished
CVE-2024-45281 DLL hijacking vulnerability in SAP BusinessObjects Business Intelligence Platform — SAP BusinessObjects Business Intelligence PlatformCWE-426 5.8 Medium2024-09-10
CVE-2024-45280 Cross-Site Scripting (XSS) Vulnerability in SAP NetWeaver AS Java (Logon Application) — SAP NetWeaver AS Java (Logon Application)CWE-79 4.8 Medium2024-09-10
CVE-2024-45279 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server for ABAP (CRM Blueprint Application Builder Panel) — SAP NetWeaver Application Server for ABAP (CRM Blueprint Application Builder Panel)CWE-79 6.1 Medium2024-09-10
CVE-2024-44121 Information Disclosure in SAP S/4 HANA (Statutory Reports) — SAP S/4 HANA (Statutory Reports)CWE-213 4.3 Medium2024-09-10
CVE-2024-44120 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal — SAP NetWeaver Enterprise PortalCWE-79 4.7 Medium2024-09-10
CVE-2024-44117 Multiple vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform — SAP NetWeaver Application Server for ABAP and ABAP PlatformCWE-862 5.4 Medium2024-09-10
CVE-2024-44112 Missing Authorization check in SAP for Oil & Gas (Transportation and Distribution) — SAP for Oil & GasCWE-862 4.3 Medium2024-09-10
CVE-2024-41728 Missing Authorization check in SAP NetWeaver Application Server for ABAP and ABAP Platform — SAP NetWeaver Application Server for ABAP and ABAP PlatformCWE-862 2.7 Low2024-09-10
CVE-2024-45286 Missing Authorization check in SAP Production and Revenue Accounting (Tobin interface) — SAP Production and Revenue Accounting (Tobin interface)CWE-862 6.5 Medium2024-09-10
CVE-2024-44116 Multiple vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform — SAP NetWeaver Application Server for ABAP and ABAP PlatformCWE-862 4.3 Medium2024-09-10
CVE-2024-44115 Multiple vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform — SAP NetWeaver Application Server for ABAP and ABAP PlatformCWE-862 4.3 Medium2024-09-10
CVE-2024-44114 Missing Authorization check in SAP NetWeaver Application Server for ABAP and ABAP Platform — SAP NetWeaver Application Server for ABAP and ABAP PlatformCWE-863 2.0 Low2024-09-10
CVE-2024-44113 Information Disclosure vulnerability in the SAP Business Warehouse (BEx Analyzer) — SAP Business Warehouse (BEx Analyzer)CWE-359 4.3 Medium2024-09-10
CVE-2024-42380 Multiple vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform — SAP NetWeaver Application Server for ABAP and ABAP PlatformCWE-862 4.3 Medium2024-09-10
CVE-2024-42378 Cross-Site Scripting (XSS) in eProcurement on S/4HANA — SAP S/4HANA eProcurementCWE-79 6.1 Medium2024-09-10
CVE-2024-42371 Multiple vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform — SAP NetWeaver Application Server for ABAP and ABAP PlatformCWE-862 5.4 Medium2024-09-10
CVE-2024-41729 Information Disclosure vulnerability in the SAP NetWeaver BW (BEx Analyzer) — SAP NetWeaver BW (BEx Analyzer)CWE-359 4.3 Medium2024-09-10
CVE-2024-39591 Missing Authorization check in SAP Document Builder — SAP Document BuilderCWE-862 4.3 Medium2024-08-13
CVE-2024-42373 Missing Authorization Check in SAP Student Life Cycle Management (SLcM) — SAP Student Life Cycle Management (SLcM)CWE-862 4.3 Medium2024-08-13
CVE-2024-41734 Missing Authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform — SAP NetWeaver Application Server ABAP and ABAP PlatformCWE-862 4.3 Medium2024-08-13
CVE-2024-41736 Information Disclosure vulnerability in SAP Permit to Work — SAP Permit to WorkCWE-200 4.3 Medium2024-08-13
CVE-2024-41731 Multiple Unrestricted File Upload vulnerabilities in SAP BusinessObjects Business Intelligence Platform — SAP BusinessObjects Business Intelligence PlatformCWE-434 3.1 Low2024-08-13
CVE-2024-28166 Multiple Unrestricted File Upload vulnerabilities in SAP BusinessObjects Business Intelligence Platform — SAP BusinessObjects Business Intelligence PlatformCWE-434 3.7 Low2024-08-13
CVE-2024-42375 Multiple Unrestricted File Upload vulnerabilities in SAP BusinessObjects Business Intelligence Platform — SAP BusinessObjects Business Intelligence PlatformCWE-434 4.3 Medium2024-08-13
CVE-2024-41732 Improper Access Control in SAP Netweaver Application Server ABAP — SAP NetWeaver Application Server ABAPCWE-284 4.7 Medium2024-08-13
CVE-2024-41737 Server-Side Request Forgery (SSRF) in SAP CRM ABAP (Insights Management) — SAP CRM ABAP (Insights Management)CWE-918 5.0 Medium2024-08-13
CVE-2024-41733 Information Disclosure Vulnerability in SAP Commerce — SAP CommerceCWE-200 5.3 Medium2024-08-13
CVE-2024-41735 Cross-Site Scripting (XSS) vulnerability in SAP Commerce Backoffice — SAP Commerce BackofficeCWE-79 5.4 Medium2024-08-13
CVE-2024-33005 Missing Authorization check in SAP NetWeaver Application Server (ABAP and Java),SAP Web Dispatcher and SAP Content Server — SAP NetWeaver Application Server (ABAP and Java),SAP Web Dispatcher and SAP Content ServerCWE-862 6.3 Medium2024-08-13
CVE-2024-42377 Multiple Missing Authorization Check vulnerabilities in SAP Shared Service Framework — SAP Shared Service FrameworkCWE-862 4.3 Medium2024-08-13

This page lists every published CVE security advisory associated with SAP_SE. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.