SAP_SE 厂商相关 527 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。
SAP SE 是全球领先的企业应用软件供应商,其核心产品涵盖 ERP、CRM 及数据分析平台。历史漏洞多集中于远程代码执行、身份验证绕过及跨站脚本,常因复杂集成逻辑或配置缺陷引发。近期关注点包括云环境下的权限管理风险及供应链依赖问题。作为关键基础设施提供商,其系统稳定性与数据完整性对众多大型企业至关重要,需持续强化补丁管理与访问控制机制。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2024-22128 | SAP NetWeaver Business Client for HTML 安全漏洞 — SAP NetWeaver Business Client for HTMLCWE-79 | 4.7 | Medium | 2024-02-13 |
| CVE-2024-22126 | SAP NetWeaver AS 跨站脚本漏洞 — SAP NetWeaver AS Java (User Admin Application)CWE-79 | 6.1 | Medium | 2024-02-13 |
| CVE-2024-22125 | SAP GUI 安全漏洞 — Microsoft Edge browser extension (SAP GUI connector for Microsoft Edge)CWE-497 | 7.4 | High | 2024-01-09 |
| CVE-2024-22124 | SAP Web Dispatcher 安全漏洞 — SAP NetWeaver (Internet Communication Manager)CWE-497 | 4.1 | Medium | 2024-01-09 |
| CVE-2024-21738 | SAP NetWeaver ABAP Server 跨站脚本漏洞 — SAP NetWeaver ABAP Application Server and ABAP PlatformCWE-79 | 4.1 | Medium | 2024-01-09 |
| CVE-2024-21737 | SAP Application Interface Framework 代码注入漏洞 — SAP Application Interface Framework (File Adapter)CWE-94 | 8.4 | High | 2024-01-09 |
| CVE-2024-21736 | SAP S/4HANA 授权问题漏洞 — SAP S/4HANA Finance (Advanced Payment Management)CWE-863 | 6.4 | Medium | 2024-01-09 |
| CVE-2024-21735 | SAP LT Replication Server 授权问题漏洞 — SAP LT Replication ServerCWE-863 | 7.3 | High | 2024-01-09 |
| CVE-2024-21734 | SAP Marketing 输入验证错误漏洞 — SAP Marketing (Contacts App)CWE-601 | 3.7 | Low | 2024-01-09 |
| CVE-2023-50424 | SAP BTP Security Services Integration Library 安全漏洞 — github.com/sap/cloud-security-client-goCWE-749 | 9.1 | Critical | 2023-12-12 |
| CVE-2023-50423 | SAP BTP Security Services Integration Library 安全漏洞 — sap-xssecCWE-749 | 9.1 | Critical | 2023-12-12 |
| CVE-2023-6542 | SAP Emarsys SDK 安全漏洞 — SAP EMARSYS SDK ANDROIDCWE-863 | 7.1 | High | 2023-12-12 |
| CVE-2023-49587 | SAP Solution Manager 命令注入漏洞 — SAP Solution ManagerCWE-77 | 6.4 | Medium | 2023-12-12 |
| CVE-2023-49584 | SAP Fiori 环境问题漏洞 — SAP Fiori LaunchpadCWE-444 | 4.3 | Medium | 2023-12-12 |
| CVE-2023-50422 | SAP BTP Security Services Integration Library 安全漏洞 — cloud-security-services-integration-libraryCWE-749 | 9.1 | Critical | 2023-12-12 |
| CVE-2023-49583 | SAP BTP Security Services Integration Library 安全漏洞 — @sap/xssecCWE-749 | 9.1 | Critical | 2023-12-12 |
| CVE-2023-49581 | SAP GUI 信息泄露漏洞 — SAP NetWeaver Application Server ABAP and ABAP PlatformCWE-89 | 4.1 | Medium | 2023-12-12 |
| CVE-2023-49580 | SAP GUI 其他漏洞 — SAP GUI for Windows and SAP GUI for JavaCWE-732 | 7.3 | High | 2023-12-12 |
| CVE-2023-49578 | SAP Cloud Connector 资源管理错误漏洞 — SAP Cloud ConnectorCWE-732 | 3.5 | Low | 2023-12-12 |
| CVE-2023-49577 | SAP HCM Travel Management 跨站脚本漏洞 — SAP HCM (SMART PAYE solution)CWE-79 | 6.1 | Medium | 2023-12-12 |
| CVE-2023-49058 | SAP Master Data Governance 路径遍历漏洞 — SAP Master Data GovernanceCWE-22 | 3.5 | Low | 2023-12-12 |
| CVE-2023-42481 | SAP Commerce Cloud 访问控制错误漏洞 — SAP Commerce CloudCWE-640 | 8.1 | High | 2023-12-12 |
| CVE-2023-42479 | SAP Biller Direct 跨站脚本漏洞 — SAP Biller DirectCWE-79 | 6.1 | Medium | 2023-12-12 |
| CVE-2023-42478 | SAP Business Objects 跨站脚本漏洞 — Business Objects BI PlatformCWE-79 | 7.5 | High | 2023-12-12 |
| CVE-2023-42476 | SAP Business Objects Web Intelligence 跨站脚本漏洞 — SAP BusinessObjects Web IntelligenceCWE-79 | 6.8 | Medium | 2023-12-12 |
| CVE-2023-42480 | SAP NetWeaver AS Java Logon 安全漏洞 — NetWeaver AS JavaCWE-307 | 5.3 | Medium | 2023-11-14 |
| CVE-2023-41366 | SAP NetWeaver Application Server 安全漏洞 — SAP NetWeaver Application Server ABAP and ABAP PlatformCWE-497 | 5.3 | Medium | 2023-11-14 |
| CVE-2023-31403 | SAP Business One 访问控制错误漏洞 — SAP Business OneCWE-863 | 9.6 | Critical | 2023-11-14 |
| CVE-2023-42477 | SAP NetWeaver AS 代码问题漏洞 — SAP NetWeaver AS JavaCWE-918 | 6.5 | Medium | 2023-10-10 |
| CVE-2023-42475 | SAP S/4HANA 信息泄露漏洞 — SAP S/4HANA CoreCWE-209 | 4.3 | Medium | 2023-10-10 |
本页汇总了 SAP_SE 厂商截至目前公开的全部 527 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。