SAP Graphical User Interface
By the Year
In 2024 there have been 0 vulnerabilities in SAP Graphical User Interface . Last year Graphical User Interface had 1 security vulnerability published. Right now, Graphical User Interface is on track to have less security vulnerabilities in 2024 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 1 | 7.30 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 6.50 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Graphical User Interface vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent SAP Graphical User Interface Security Vulnerabilities
SAP GUI for Windows and SAP GUI for Java - versions SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758
CVE-2023-49580
7.3 - High
- December 12, 2023
SAP GUI for Windows and SAP GUI for Java - versions SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758, allow an unauthenticated attacker to access information which would otherwise be restricted and confidential. In addition, this vulnerability allows the unauthenticated attacker to create Layout configurations of the ABAP List Viewer and with this causing a mild impact on integrity and availability, e.g. also increasing the response times of the AS ABAP.
SAP GUI for Windows, version - 7.60
CVE-2021-21448
6.5 - Medium
- January 12, 2021
SAP GUI for Windows, version - 7.60, allows an attacker to spoof logon credentials for Application Server ABAP backend systems in the client PCs memory. Under certain conditions the attacker can access information which would otherwise be restricted. The exploit can only be executed locally on the client PC and not via Network and the attacker needs at least user authorization of the Operating System user of the victim.
Multiple untrusted search path vulnerabilities in (1) SAPGui.exe and (2) BExAnalyzer.exe in SAP GUI 6.4 through 7.2 allow local users to gain privileges via a Trojan horse MFC80LOC.DLL file in the current working directory, as demonstrated by a directory
CVE-2011-5154
- September 06, 2012
Multiple untrusted search path vulnerabilities in (1) SAPGui.exe and (2) BExAnalyzer.exe in SAP GUI 6.4 through 7.2 allow local users to gain privileges via a Trojan horse MFC80LOC.DLL file in the current working directory, as demonstrated by a directory that contains a .sap file. NOTE: some of these details are obtained from third party information.Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426 Untrusted Search Path'
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for SAP Graphical User Interface or by SAP? Click the Watch button to subscribe.
