SAP NetWeaver Development Infrastructure (NWDI) 7.30
Approved changes feed: RSS · Atom
cpe:2.3:a:sap:netweaver_development_infrastructure:7.30:*:*:*:*:*:*:*
part: a version: 7.30 update: *
| Vendor | Sap (dd5aa0c0-20b0-5c86-a937-aa29f1a33b77) |
|---|---|
| Product | Netweaver Development Infrastructure (9409ddb6-92ac-50ff-b827-6453591f04d0) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-29618 |
vulnerable | 2026-06-03 14:46:58.790517 |
Details available
Due to insufficient input validation, SAP NetWeaver Development Infrastructure (Design Time Repository) - versions 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to inject script into the URL and execute code in the user’s browser. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.
Published: 2022-06-14T18:35:37.000Z
Updated: 2024-08-03T06:26:06.613Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-33690 |
vulnerable | 2026-06-03 14:44:43.924149 |
Details available
CRITICAL (9.9)
Server-Side Request Forgery (SSRF) vulnerability has been detected in the SAP NetWeaver Development Infrastructure Component Build Service versions - 7.11, 7.20, 7.30, 7.31, 7.40, 7.50The SAP NetWeaver Development Infrastructure Component Build Service allows a threat actor who has access to the server to perform proxy attacks on server by sending crafted queries. Due to this, the threat actor could completely compromise sensitive data residing on the Server and impact its availability.Note: The impact of this vulnerability depends on whether SAP NetWeaver Development Infrastructure (NWDI) runs on the intranet or internet. The CVSS score reflects the impact considering the worst-case scenario that it runs on the internet.
Published: 2021-09-15T18:01:41.000Z
Updated: 2024-08-03T23:58:22.583Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.