SAP Fiori
By the Year
In 2024 there have been 0 vulnerabilities in SAP Fiori . Last year Fiori had 1 security vulnerability published. Right now, Fiori is on track to have less security vulnerabilities in 2024 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 1 | 6.50 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 1 | 6.50 |
It may take a day or so for new Fiori vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent SAP Fiori Security Vulnerabilities
SAP Fiori apps for Travel Management in SAP ERP (My Travel Requests) - version 600
CVE-2023-24528
6.5 - Medium
- February 14, 2023
SAP Fiori apps for Travel Management in SAP ERP (My Travel Requests) - version 600, allows an authenticated attacker to exploit a certain misconfigured application endpoint to view sensitive data. This endpoint is normally exposed over the network and successful exploitation can lead to exposure of data like travel documents.
AuthZ
SAP Fiori 1.0 for SAP ERP HCM (Approve Leave Request, version 2) application
CVE-2018-2474
6.5 - Medium
- October 09, 2018
SAP Fiori 1.0 for SAP ERP HCM (Approve Leave Request, version 2) application allows an attacker to trick an authenticated user to send unintended request to the web server. This vulnerability is due to insufficient CSRF protection.
Session Riding
