Sap Netweaver Development Infrastructure — known CVE vulnerabilities
Every CVE whose affected-product data names Sap Netweaver Development Infrastructure, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2021-33690 — CVSS 9.9 (critical): Server-Side Request Forgery (SSRF) vulnerability has been detected in the SAP NetWeaver Development Infrastructure Component Build Service…
CVE-2013-6820 — CVSS 9.3 (critical): Unrestricted file upload vulnerability in the SAP NetWeaver Development Infrastructure (NWDI) allows remote attackers to execute arbitrary…
CVE-2021-33691 — CVSS 6.1 (medium): NWDI Notification Service versions - 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site…
CVE-2022-29618 — CVSS 6.1 (medium): Due to insufficient input validation, SAP NetWeaver Development Infrastructure (Design Time Repository) - versions 7.30, 7.31, 7.40, 7.50…