SAP_SE — Vulnerabilities & Security Advisories 527

Browse all 527 CVE security advisories affecting SAP_SE. AI-powered Chinese analysis, POCs, and references for each vulnerability.

SAP SE operates as a global leader in enterprise application software, primarily providing ERP solutions that manage complex business processes, supply chains, and human resources for large organizations. This extensive attack surface has resulted in 527 recorded CVEs, reflecting the critical nature of its infrastructure. Historically, vulnerabilities within SAP systems frequently involve remote code execution, SQL injection, and cross-site scripting, often stemming from complex integrations and legacy components. Privilege escalation remains a significant concern, allowing unauthorized users to gain administrative access. While SAP maintains rigorous security protocols, past incidents highlight risks associated with default configurations and unpatched middleware. The company actively issues security patches, yet the sheer volume of disclosed flaws underscores the challenges of securing highly interconnected, mission-critical enterprise environments against sophisticated cyber threats.

| CVE ID | Title | Affected product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2024-32731 | Missing Authorization check in SAP My Travel Requests | SAP My Travel Requests | CWE-862 | 5.5 | Medium | 2024-05-14 |
| CVE-2024-32730 | Missing authorization check in SAP Enable Now Manager | SAP Enable Now | CWE-862 | 6.5 | Medium | 2024-04-26 |
| CVE-2024-30218 | Denial of service (DOS) vulnerability in SAP NetWeaver AS ABAP and ABAP Platform | SAP NetWeaver AS ABAP and ABAP Platform | CWE-605 | 6.5 | Medium | 2024-04-09 |
| CVE-2024-30217 | Missing Authorization check in SAP S/4 HANA (Cash Management) | SAP S/4 HANA (Cash Management) | CWE-862 | 4.3 | Medium | 2024-04-09 |
| CVE-2024-30216 | Missing Authorization check in SAP S/4 HANA (Cash Management) | SAP S/4 HANA (Cash Management) | CWE-862 | 4.3 | Medium | 2024-04-09 |
| CVE-2024-30215 | Cross-Site Scripting (XSS) vulnerability in SAP Business Connector | SAP Business Connector | CWE-79 | 4.8 | Medium | 2024-04-09 |
| CVE-2024-30214 | Cross-Site Scripting (XSS) vulnerability in SAP Business Connector | SAP Business Connector | CWE-79 | 4.8 | Medium | 2024-04-09 |
| CVE-2024-28167 | Missing Authorization check in SAP Group Reporting Data Collection (Enter Package Data) | SAP Group Reporting Data Collection (Enter Package Data) | CWE-862 | 6.5 | Medium | 2024-04-09 |
| CVE-2024-27901 | Directory Traversal vulnerability in SAP Asset Accounting | SAP Asset Accounting | CWE-35 | 7.2 | High | 2024-04-09 |
| CVE-2024-27899 | Security misconfiguration vulnerability in SAP NetWeaver AS Java User Management Engine | SAP NetWeaver AS Java User Management Engine | CWE-640 | 8.8 | High | 2024-04-09 |
| CVE-2024-27898 | Server-Side Request Forgery in SAP NetWeaver | SAP NetWeaver | CWE-918 | 5.3 | Medium | 2024-04-09 |
| CVE-2024-25646 | Information Disclosure vulnerability in SAP BusinessObjects Web Intelligence | SAP BusinessObjects Web Intelligence | CWE-732 | 7.7 | High | 2024-04-09 |
| CVE-2024-25645 | Information Disclosure vulnerability in SAP NetWeaver (Enterprise Portal) | SAP NetWeaver (Enterprise Portal) | CWE-732 | 5.3 | Medium | 2024-03-12 |
| CVE-2024-28163 | Information Disclosure vulnerability in SAP NetWeaver Process Integration (Support Web Pages) | SAP NetWeaver Process Integration (Support Web Pages) | CWE-732 | 5.3 | Medium | 2024-03-12 |
| CVE-2024-27902 | Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver AS ABAP applications based on SAPGUI for HTML (WebGUI) | SAP NetWeaver AS ABAP applications based on SAPGUI for HTML (WebGUI) | CWE-79 | 5.4 | Medium | 2024-03-12 |
| CVE-2024-27900 | Missing Authorization check in SAP ABAP Platform | SAP ABAP Platform | CWE-862 | 4.3 | Medium | 2024-03-12 |
| CVE-2024-25644 | Information Disclosure vulnerability in NetWeaver (WSRM) | NetWeaver (WSRM) | CWE-732 | 5.3 | Medium | 2024-03-12 |
| CVE-2024-22133 | Improper Access Control in SAP Fiori Front End Server | SAP Fiori Front End Server | CWE-863 | 4.6 | Medium | 2024-03-12 |
| CVE-2024-22127 | Code Injection vulnerability in SAP NetWeaver AS Java (Administrator Log Viewer plug-in) | SAP NetWeaver AS Java (Administrator Log Viewer plug-in) | CWE-77 | 9.1 | Critical | 2024-03-12 |
| CVE-2024-24741 | Missing Authorization check in SAP Master Data Governance Material | SAP Master Data Governance Material | CWE-862 | 4.3 | Medium | 2024-02-13 |
| CVE-2024-22129 | Cross-Site Scripting (XSS) vulnerability in SAP Companion | SAP Companion | CWE-79 | 5.4 | Medium | 2024-02-13 |
| CVE-2024-25643 | Missing authorization check in SAP Fiori app (My Overtime Requests) | SAP Fiori app (My Overtime Requests) | CWE-862 | 4.3 | Medium | 2024-02-13 |
| CVE-2024-25642 | Improper Certificate Validation in SAP Cloud Connector | SAP Cloud Connector | CWE-295 | 7.4 | High | 2024-02-13 |
| CVE-2024-24743 | XXE vulnerability in SAP NetWeaver AS Java (Guided Procedures) | SAP NetWeaver AS Java (Guided Procedures) | CWE-611 | 8.6 | High | 2024-02-13 |
| CVE-2024-24742 | Cross-Site Scripting (XSS) vulnerability in SAP CRM (WebClient UI) | SAP CRM (WebClient UI) | CWE-79 | 4.1 | Medium | 2024-02-13 |
| CVE-2024-24740 | Information Disclosure vulnerability in SAP NetWeaver Application Server ABAP (SAP Kernel) | SAP NetWeaver Application Server ABAP (SAP Kernel) | CWE-732 | 5.3 | Medium | 2024-02-13 |
| CVE-2024-24739 | Missing authorization check in SAP BAM (Bank Account Management) | SAP BAM (Bank Account Management) | CWE-862 | 6.3 | Medium | 2024-02-13 |
| CVE-2024-22132 | Code Injection vulnerability in SAP IDES Systems | SAP IDES Systems | CWE-78 | 7.4 | High | 2024-02-13 |
| CVE-2024-22131 | Code Injection vulnerability in SAP ABA (Application Basis) | SAP ABA (Application Basis) | CWE-94 | 9.1 | Critical | 2024-02-13 |
| CVE-2024-22130 | Cross-Site Scripting (XSS) vulnerability in SAP CRM WebClient UI | SAP CRM WebClient UI | CWE-79 | 7.6 | High | 2024-02-13 |

This page lists every published CVE security advisory associated with SAP_SE. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.