Sap Business Planning And Consolidation — known CVE vulnerabilities
Every CVE whose affected-product data names Sap Business Planning And Consolidation, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2023-0016 — CVSS 9.9 (critical): SAP BPC MS 10.0 - version 810, allows an unauthorized attacker to execute crafted database queries. The exploitation of this issue could…
CVE-2022-41268 — CVSS 8.5 (high): In some SAP standard roles in SAP Business Planning and Consolidation - versions - SAP_BW 750, 751, 752, 753, 754, 755, 756, 757, DWCORE…
CVE-2017-16349 — CVSS 8.1 (high): An exploitable XML external entity vulnerability exists in the reporting functionality of SAP BPC. A specially crafted XML request can…
CVE-2020-6368 — CVSS 5.4 (medium): SAP Business Planning and Consolidation, versions - 750, 751, 752, 753, 754, 755, 810, 100, 200, can be abused by an attacker, allowing…
CVE-2023-23851 — CVSS 5.4 (medium): SAP Business Planning and Consolidation - versions 200, 300, allows an attacker with business authorization to upload any files (including…
CVE-2023-31407 — CVSS 5.4 (medium): SAP Business Planning and Consolidation - versions 740, 750, allows an authorized attacker to upload a malicious file, resulting in…