) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
Search Parameters:
- CPE Product Version: cpe:/a:sap:basis:7.0
There are 2 matching records.
Displaying matches 1 through 2.
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2020-6307 |
Automated Note Search Tool (update provided in SAP Basis 7.0, 7.01, 7.02, 7.31, 7.4, 7.5, 7.51, 7.52, 7.53 and 7.54) does not perform sufficient authorization checks leading to the reading of sensitive information. Published: January 14, 2020; 1:15:12 PM -0500 |
V3.1: 4.3 MEDIUM V2.0: 4.0 MEDIUM |
| CVE-2018-2478 |
An attacker can use specially crafted inputs to execute commands on the host of a TREX / BWA installation, SAP Basis, versions: 7.0 to 7.02, 7.10 to 7.11, 7.30, 7.31, 7.40 and 7.50 to 7.53. Not all commands are possible, only those that can be executed by the <sid>adm user. The commands executed depend upon the privileges of the <sid>adm user. Published: November 13, 2018; 3:29:00 PM -0500 |
V3.0: 7.2 HIGH V2.0: 6.5 MEDIUM |