Sap Netweaver As For Java vulnerabilities
3 known vulnerabilities affecting sap/netweaver_as_for_java.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2023-23857HIGHCVSS 8.6v7.502023-03-14
CVE-2023-23857 [CRITICAL] CWE-287 CVE-2023-23857: Due to missing authentication check, SAP NetWeaver AS for Java - version 7.50, allows an unauthentic
Due to missing authentication check, SAP NetWeaver AS for Java - version 7.50, allows an unauthenticated attacker to attach to an open interface and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and services across systems. On a successful exploitation, the atta
cvelistv5nvd
CVE-2023-26460MEDIUMCVSS 5.3v7.502023-03-14
CVE-2023-26460 [MEDIUM] CWE-284 CVE-2023-26460: Cache Management Service in SAP NetWeaver Application Server for Java - version 7.50, does not perfo
Cache Management Service in SAP NetWeaver Application Server for Java - version 7.50, does not perform any authentication checks for functionalities that require user identity
cvelistv5nvd
CVE-2023-0017CRITICALCVSS 9.8v7.502023-01-10
CVE-2023-0017 [CRITICAL] CWE-284 CVE-2023-0017: An unauthenticated attacker in SAP NetWeaver AS for Java - version 7.50, due to improper access cont
An unauthenticated attacker in SAP NetWeaver AS for Java - version 7.50, due to improper access control, can attach to an open interface and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and data on the current system. This could allow the attacker to have full re
cvelistv5nvd