Every CVE whose affected-product data names Sap Commoncryptolib, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2023-40309 — CVSS 9.8 (critical): SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong authorization checks for an…
CVE-2014-8587 — CVSS 7.5 (high): SAPCRYPTOLIB before 5.555.38, SAPSECULIB, and CommonCryptoLib before 8.4.30, as used in SAP NetWeaver AS for ABAP and SAP HANA, allows…
CVE-2021-38177 — CVSS 7.5 (high): SAP CommonCryptoLib version 8.5.38 or lower is vulnerable to null pointer dereference vulnerability when an unauthenticated attacker sends…
CVE-2023-40308 — CVSS 7.5 (high): SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption…