Sap Business Warehouse — known CVE vulnerabilities
Every CVE whose affected-product data names Sap Business Warehouse, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2021-21465 — CVSS 9.9 (critical): The BW Database Interface allows an attacker with low privileges to execute any crafted database queries, exposing the backend database. An…
CVE-2020-26838 — CVSS 9.1 (critical): SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782, and SAP BW4HANA, versions - 100, 200 allows…
CVE-2021-21466 — CVSS 8.8 (high): SAP Business Warehouse, versions 700, 701, 702, 711, 730, 731, 740, 750, 782 and SAP BW/4HANA, versions 100, 200, allow a low privileged…
CVE-2021-21468 — CVSS 6.5 (medium): The BW Database Interface does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges…
CVE-2024-39594 — CVSS 6.1 (medium): SAP Business Warehouse - Business Planning and Simulation application does not sufficiently encode user controlled inputs, resulting in…
CVE-2024-39595 — CVSS 5.4 (medium): SAP Business Warehouse - Business Planning and Simulation application does not sufficiently encode user-controlled inputs, resulting in…
CVE-2023-33992 — CVSS 4.5 (medium): The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAP_BW 730, SAP_BW 731, SAP_BW 740, SAP_BW 730…