Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Sap Subscribe
Filtered by product Business Client
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-38150 1 Sap 1 Business Client 2022-07-12 4.3 MEDIUM 6.5 MEDIUM
When an attacker manages to get access to the local memory, or the memory dump of a victim, for example by a social engineering attack, SAP Business Client versions - 7.0, 7.70, will allow him to read extremely sensitive data, such as credentials. This would allow the attacker to compromise the corresponding backend for which the credentials are valid.
CVE-2018-2398 1 Sap 1 Business Client 2020-08-24 5.0 MEDIUM 7.5 HIGH
Under certain conditions SAP Business Client 6.5 allows an attacker to access information which would otherwise be restricted.
CVE-2020-6244 1 Sap 1 Business Client 2020-05-18 4.4 MEDIUM 7.8 HIGH
SAP Business Client, version 7.0, allows an attacker after a successful social engineering attack to inject malicious code as a DLL file in untrusted directories that can be executed by the application, due to uncontrolled search path element. An attacker could thereby control the behavior of the application.
CVE-2020-6228 1 Sap 1 Business Client 2020-04-15 4.3 MEDIUM 7.5 HIGH
SAP Business Client, versions 6.5, 7.0, does not perform necessary integrity checks which could be exploited by an attacker under certain conditions to modify the installer.