Vulnerabilities (CVE)

Filtered by vendor Sap Subscribe
Filtered by product Graphical User Interface
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-5154 1 Sap 1 Graphical User Interface 2024-11-21 6.9 MEDIUM N/A
Multiple untrusted search path vulnerabilities in (1) SAPGui.exe and (2) BExAnalyzer.exe in SAP GUI 6.4 through 7.2 allow local users to gain privileges via a Trojan horse MFC80LOC.DLL file in the current working directory, as demonstrated by a directory that contains a .sap file. NOTE: some of these details are obtained from third party information.
CVE-2023-49580 1 Sap 1 Graphical User Interface 2024-09-28 N/A 7.3 HIGH
SAP GUI for Windows and SAP GUI for Java - versions SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758, allow an unauthenticated attacker to access information which would otherwise be restricted and confidential. In addition, this vulnerability allows the unauthenticated attacker to create Layout configurations of the ABAP List Viewer and with this causing a mild impact on integrity and availability, e.g. also increasing the response times of the AS ABAP.
CVE-2021-21448 1 Sap 1 Graphical User Interface 2024-02-04 2.1 LOW 6.5 MEDIUM
SAP GUI for Windows, version - 7.60, allows an attacker to spoof logon credentials for Application Server ABAP backend systems in the client PCs memory. Under certain conditions the attacker can access information which would otherwise be restricted. The exploit can only be executed locally on the client PC and not via Network and the attacker needs at least user authorization of the Operating System user of the victim.