Filtered by vendor Sap
Subscriptions
Filtered by product Erp Central Component
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-0503 | 1 Sap | 2 Erp Central Component, S/4hana | 2026-01-13 | 6.4 Medium |
| Due to missing authorization check in the SAP ERP Central Component (SAP ECC) and SAP S/4HANA (SAP EHS Management), an attacker could extract hardcoded clear-text credentials and bypass the password authentication check by manipulating user parameters. Upon successful exploitation, the attacker can access, modify or delete certain change pointer information within EHS objects in the application which might further affect the subsequent systems. This vulnerability leads to a low impact on confidentiality and integrity of the application with no affect on the availability. | ||||
| CVE-2013-3061 | 1 Sap | 2 Erp Central Component, Healthcare Industry Solution | 2025-04-11 | N/A |
| The ISHMED-PATRED_TRANSACT_RFCCALL function in the IS-H Industry-Specific Component Hospital subsystem in SAP Healthcare Industry Solution, and the SAP ERP central component (aka ECC 6), allows remote authenticated users to bypass intended transaction restrictions via unspecified vectors. | ||||
| CVE-2013-3244 | 1 Sap | 1 Erp Central Component | 2025-04-11 | N/A |
| Multiple unspecified vulnerabilities in the CJDB_FILL_MEMORY_FROM_PPB function in the Project System (PS-IS) module for SAP ERP Central Component (ECC) allow remote attackers to execute arbitrary code via a (1) RFC or (2) SOAP-RFC request. | ||||
| CVE-2013-6284 | 1 Sap | 1 Erp Central Component | 2025-04-11 | N/A |
| Unspecified vulnerability in the Statutory Reporting for Insurance (FS_SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability." | ||||
Page 1 of 1.