Netweaver enterprise portal
This hub aggregates every CVE we track for Netweaver enterprise portal, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
20
CVEs tracked
0
Critical
0
High
0
In CISA KEV
Severity distribution
MEDIUM20
Monthly trend
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 15 most recently published vulnerabilities affecting Netweaver enterprise portal.
- CVE-2024-47594Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal (KMC)5.4
- CVE-2024-25645Information Disclosure vulnerability in SAP NetWeaver (Enterprise Portal)5.3
- CVE-2023-28761Missing Authentication check in SAP NetWeaver Enterprise Portal6.5
- CVE-2023-26461XML External Entity (XXE) vulnerability in SAP NetWeaver (SAP Enterprise Portal)6.8
- CVE-2022-35298SAP NetWeaver Enterprise Portal (KMC) - version 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability. KMC servlet is vulnerable to XSS attack. ...6.1
- CVE-2022-35225SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scriptin...6.1
- CVE-2022-35227A vulnerability in SAP NW EP (WPC) - versions 7.30, 7.31, 7.40, 7.50, which does not sufficiently validate user-controlled input, allows a remote attacker to conduct a Cross-Site (XSS) scripting at...6.1
- CVE-2022-35172SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting (XSS) vulnerabi...6.1
- CVE-2022-35170SAP NetWeaver Enterprise Portal does - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scriptin...6.1
- CVE-2022-32247SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the Use...6.1
- CVE-2022-26105SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the use...6.1
- CVE-2022-24397SAP NetWeaver Enterprise Portal - versions 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting (XSS) vulnerability.This reflecte...6.1
- CVE-2022-24395SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting (XSS) vulnerabi...6.1
- CVE-2021-21489SAP NetWeaver Enterprise Portal versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user related data, resulting in Stored Cross-Site Scripting (XSS) vulnerability. Th...4.8
- CVE-2021-33702Under certain conditions, NetWeaver Enterprise Portal, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode report data. An attacker can craft malicious data and print ...6.1
Product normalization is registry-driven with AI assist and human review. How it works