HIGH🇵🇱 Wersja polska

CVE-2016-4551

CVSS 7.5v3.0pub. 2016-10-05upd. 2026-05-06

The (1) SAP_BASIS and (2) SAP_ABA components 7.00 SP Level 0031 in SAP NetWeaver 2004s might allow remote attackers to spoof IP addresses written to the Security Audit Log via vectors related to the network landscape, aka SAP Security Note 2190621.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
  • Sap Netweaver

    APP
    Sap
    2004s
  • Sap Aba

    APP
    Sap
    7.00
  • Sap Basis

    APP
    Sap
    7.00
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-42999CRITICAL9.1⚠ KEVPL ✓ten sam produkt

SAP NetWeaver Visual Composer — niebezpieczna deserializacja treści

CVE-2025-31324CRITICAL10.0⚠ KEVPL ✓ten sam produkt

SAP NetWeaver: nieautoryzowany upload plików wykonywalnych w Visual Composer

CVE-2021-38163CRITICAL9.9⚠ KEVten sam produkt

SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an attacker aut...

CVE-2025-0066CRITICAL9.9PL ✓ten sam produkt

SAP NetWeaver AS ABAP – nieautoryzowany dostęp do danych przez słabą kontrolę dostępu

CVE-2023-36922CRITICAL9.1ten sam produkt

Due to programming error in function module and report, IS-OIL component in SAP ECC and SAP S/4HANA allows an ...