Sap S4fnd — known CVE vulnerabilities
Every CVE whose affected-product data names Sap S4fnd, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
- CVE-2018-2364 — CVSS 6.1 (medium): SAP CRM WebClient UI 7.01, 7.31, 7.46, 7.47, 7.48, 8.00, 8.01, S4FND 1.02, does not sufficiently validate and/or encode hidden fields…
- CVE-2019-0244 — CVSS 5.4 (medium): SAP CRM WebClient UI (fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF 7.31, 7.46, 7.47, 7.48, 8.0, 8.01) does not sufficiently encode…
- CVE-2019-0245 — CVSS 5.4 (medium): SAP CRM WebClient UI (fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF 7.31, 7.46, 7.47, 7.48, 8.0, 8.01) does not sufficiently encode…
- CVE-2023-29188 — CVSS 5.4 (medium): SAP CRM WebClient UI - versions SAPSCORE 129, S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, S4FND 107, WEBCUIF 701, WEBCUIF 731…
- CVE-2023-24525 — CVSS 4.3 (medium): SAP CRM WebClient UI - versions WEBCUIF 748, 800, 801, S4FND 102, 103, does not sufficiently encode user-controlled inputs, resulting in…