|
196851
|
5.9 |
MEDIUM
Network
|
citrix
|
citrix_sd-wan_center
netscaler_sd-wan_center
|
Citrix SD-WAN 10.2.x before 10.2.6 and 11.0.x before 11.0.3 has Missing SSL Certificate Validation.
|
CWE-295
Improper Certificate Validation
|
CVE-2020-6175
|
2024-11-21 14:35 |
2020-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196852
|
6.1 |
MEDIUM
Network
|
sap
|
fiori_launchpad
|
SAP Fiori Launchpad, versions- 753, 754, does not sufficiently encode user-controlled inputs, and hence allowing the attacker to inject the meta tag into the launchpad html using the vulnerable param…
|
CWE-79
Cross-site Scripting
|
CVE-2020-6210
|
2024-11-21 14:35 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196853
|
7.5 |
HIGH
Network
|
sap
|
disclosure_management
|
SAP Disclosure Management, version 10.1, does not perform necessary authorization checks for an authenticated user, allowing access to administration accounts by a user with no roles, leading to Miss…
|
CWE-862
Missing Authorization
|
CVE-2020-6209
|
2024-11-21 14:35 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196854
|
8.2 |
HIGH
Local
|
sap
|
crystal_reports
|
SAP Business Objects Business Intelligence Platform (Crystal Reports), versions- 4.1, 4.2, allows an attacker with basic authorization to inject code that can be executed by the application and thus …
|
CWE-416
Use After Free
|
CVE-2020-6208
|
2024-11-21 14:35 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196855
|
9.8 |
CRITICAL
Network
|
sap
|
solution_manager
|
SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication Check does not perform any authentication for a service resulting in complete compromise of all SMDAgent…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-6207
|
2024-11-21 14:35 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196856
|
4.3 |
MEDIUM
Network
|
sap
|
cloud_platform_integration
|
SAP Cloud Platform Integration for Data Services, version 1.0, allows user inputs to be reflected as error or warning massages. This could mislead the victim to follow malicious instructions inserted…
|
CWE-352
Origin Validation Error
|
CVE-2020-6206
|
2024-11-21 14:35 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196857
|
4.3 |
MEDIUM
Network
|
sap
|
treasury_and_risk_management_\(ea-finserv\)
treasury_and_risk_management_\(s4core\)
|
The selection query in SAP Treasury and Risk Management (Transaction Management) (EA-FINSERV?versions 600, 603, 604, 605, 606, 616, 617, 618, 800 and S4CORE versions 101, 102, 103, 104) returns more …
|
CWE-862
Missing Authorization
|
CVE-2020-6204
|
2024-11-21 14:35 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196858
|
6.1 |
MEDIUM
Network
|
sap
|
netweaver_as_abap_business_server_pages
|
SAP NetWeaver AS ABAP Business Server Pages (Smart Forms), SAP_BASIS versions- 7.00, 7.01, 7.02, 7.10, 7.11, 7.30, 7.31, 7.40, 7.50, 7.51, 7.52, 7.53, 7.54; does not sufficiently encode user controll…
|
CWE-79
Cross-site Scripting
|
CVE-2020-6205
|
2024-11-21 14:35 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196859
|
9.1 |
CRITICAL
Network
|
sap
|
netweaver
|
SAP NetWeaver UDDI Server (Services Registry), versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; allows an attacker to exploit insufficient validation of path information provided by users, thus ch…
|
CWE-22
Path Traversal
|
CVE-2020-6203
|
2024-11-21 14:35 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196860
|
7.2 |
HIGH
Network
|
sap
|
netweaver_application_server_java
|
SAP NetWeaver Application Server Java (User Management Engine), versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; does not sufficiently validate the LDAP data source configuration XML document acce…
|
CWE-20
Improper Input Validation
|
CVE-2020-6202
|
2024-11-21 14:35 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
