Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Sap Subscribe
Filtered by product Gui For Windows
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-40503 1 Sap 1 Gui For Windows 2021-11-29 2.1 LOW 7.8 HIGH
An information disclosure vulnerability exists in SAP GUI for Windows - versions < 7.60 PL13, 7.70 PL4, which allows an attacker with sufficient privileges on the local client-side PC to obtain an equivalent of the user’s password. With this highly sensitive data leaked, the attacker would be able to logon to the backend system the SAP GUI for Windows was connected to and launch further attacks depending on the authorizations of the user.
CVE-2021-27612 1 Sap 1 Gui For Windows 2021-06-29 5.8 MEDIUM 6.1 MEDIUM
In specific situations SAP GUI for Windows until and including 7.60 PL9, 7.70 PL0, forwards a user to specific malicious website which could contain malware or might lead to phishing attacks to steal credentials of the victim.
CVE-2017-6950 1 Sap 1 Gui For Windows 2019-10-02 7.5 HIGH 9.8 CRITICAL
SAP GUI 7.2 through 7.5 allows remote attackers to bypass intended security policy restrictions and execute arbitrary code via a crafted ABAP code, aka SAP Security Note 2407616.