Skip to main content

Business Planning And Consolidation

5 CVEs product

Monthly

CVE-2023-31407 MEDIUM This Month

SAP Business Planning and Consolidation - versions 740, 750, allows an authorized attacker to upload a malicious file, resulting in Cross-Site Scripting vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP XSS Business Planning And Consolidation
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-23851 MEDIUM This Month

SAP Business Planning and Consolidation - versions 200, 300, allows an attacker with business authorization to upload any files (including web pages) without the proper file format validation. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP File Upload Business Planning And Consolidation
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-0016 HIGH This Week

SAP BPC MS 10.0 - version 810, allows an unauthorized attacker to execute crafted database queries. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP SQLi Business Planning And Consolidation
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-41268 HIGH This Week

In some SAP standard roles in SAP Business Planning and Consolidation - versions - SAP_BW 750, 751, 752, 753, 754, 755, 756, 757, DWCORE 200, 300, CPMBPC 810, a transaction code reserved for the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

SAP Privilege Escalation Business Planning And Consolidation
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2020-6368 MEDIUM This Month

SAP Business Planning and Consolidation, versions - 750, 751, 752, 753, 754, 755, 810, 100, 200, can be abused by an attacker, allowing them to modify displayed application content without. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS SAP Business Planning And Consolidation
NVD
CVSS 3.1
5.4
EPSS
0.6%
EPSS 0% CVSS 5.4
MEDIUM This Month

SAP Business Planning and Consolidation - versions 740, 750, allows an authorized attacker to upload a malicious file, resulting in Cross-Site Scripting vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP XSS Business Planning And Consolidation
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

SAP Business Planning and Consolidation - versions 200, 300, allows an attacker with business authorization to upload any files (including web pages) without the proper file format validation. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP File Upload Business Planning And Consolidation
NVD
EPSS 1% CVSS 8.8
HIGH This Week

SAP BPC MS 10.0 - version 810, allows an unauthorized attacker to execute crafted database queries. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP SQLi Business Planning And Consolidation
NVD
EPSS 1% CVSS 7.5
HIGH This Week

In some SAP standard roles in SAP Business Planning and Consolidation - versions - SAP_BW 750, 751, 752, 753, 754, 755, 756, 757, DWCORE 200, 300, CPMBPC 810, a transaction code reserved for the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

SAP Privilege Escalation Business Planning And Consolidation
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

SAP Business Planning and Consolidation, versions - 750, 751, 752, 753, 754, 755, 810, 100, 200, can be abused by an attacker, allowing them to modify displayed application content without. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS SAP Business Planning And Consolidation
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy