Skip to main content

Sap Business Process Automation

3 CVEs product

Monthly

CVE-2018-2401 HIGH This Week

SAP Business Process Automation (BPA) By Redwood does not sufficiently validate an XML document accepted from an untrusted source resulting in an XML External Entity (XXE) vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE SAP Sap Business Process Automation
NVD
CVSS 3.0
8.8
EPSS
1.7%
CVE-2018-2400 HIGH This Week

Under certain conditions SAP Business Process Automation (BPA) By Redwood, 9.00, 9.10, allows an attacker to access information which would otherwise be restricted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure SAP Sap Business Process Automation
NVD
CVSS 3.0
7.5
EPSS
1.7%
CVE-2018-2366 MEDIUM This Month

SAP Business Process Automation (BPA) By Redwood, 9.0, 9.1, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Path Traversal Sap Business Process Automation
NVD
CVSS 3.0
4.3
EPSS
1.6%
EPSS 2% CVSS 8.8
HIGH This Week

SAP Business Process Automation (BPA) By Redwood does not sufficiently validate an XML document accepted from an untrusted source resulting in an XML External Entity (XXE) vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE SAP Sap Business Process Automation
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Under certain conditions SAP Business Process Automation (BPA) By Redwood, 9.00, 9.10, allows an attacker to access information which would otherwise be restricted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure SAP Sap Business Process Automation
NVD
EPSS 2% CVSS 4.3
MEDIUM This Month

SAP Business Process Automation (BPA) By Redwood, 9.0, 9.1, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Path Traversal Sap Business Process Automation
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy