Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

netweaver Vendor: sap

About This Product

netweaver is a software product offered by sap. This product is widely deployed in production environments, making vulnerability monitoring essential for organizations relying on it. Security vulnerabilities in products of this category can affect system availability, data confidentiality, and integrity across entire networks. The significant number of reported vulnerabilities indicates this product has received substantial security scrutiny and community focus over time. Regular assessment of known vulnerabilities and timely patching are fundamental components of responsible system administration for any deployment of this software.

Vulnerability Landscape Summary

SecUtils has identified 104 known vulnerabilities affecting sap netweaver. This includes 10 critical-severity issues and 26 high-severity issues that warrant immediate attention. Vulnerabilities in this product have been disclosed spanning from 2008 to 2026, indicating a sustained research interest and ongoing security attention. 66 medium-severity issues and 2 low-severity issues complete the vulnerability landscape. Organizations should prioritize patching based on deployment context, asset criticality, and exploitation likelihood rather than severity alone.

Known Vulnerabilities

ID	Date Published	Last Modified	Severity (CVSSv3)	Severity (CVSSv2)	Exploit Available
CVE-2008-1846	2008-04-16	2025-04-09	-	4.3	Likely
CVE-2008-3358	2009-01-28	2025-04-09	-	4.3	Likely
CVE-2009-2932	2009-08-21	2025-04-09	-	4.3	Likely
CVE-2010-1609	2010-04-29	2025-04-11	-	4.3	Likely
CVE-2010-2904	2010-07-28	2025-04-11	-	4.3	Likely
CVE-2011-4707	2011-12-08	2025-04-11	-	4.3	Likely
CVE-2012-1289	2012-02-23	2025-04-11	-	4.0	Likely
CVE-2012-1290	2012-02-23	2025-04-11	-	4.3	Likely
CVE-2012-1291	2012-02-23	2025-04-11	-	5.0	Likely
CVE-2012-1292	2012-02-23	2025-04-11	-	5.0	Likely
CVE-2012-2511	2012-05-15	2025-04-11	-	5.0	Likely
CVE-2012-2512	2012-05-15	2025-04-11	-	5.0	Likely
CVE-2012-2513	2012-05-15	2025-04-11	-	5.0	Likely
CVE-2012-2514	2012-05-15	2025-04-11	-	5.0	Likely
CVE-2012-2611	2012-05-15	2025-04-11	-	9.3	Likely
CVE-2012-2612	2012-05-15	2025-04-11	-	5.0	Likely
CVE-2011-5260	2013-02-12	2025-04-11	-	4.3	Likely
CVE-2011-5263	2013-02-12	2025-04-11	-	4.3	Likely
CVE-2013-3319	2013-08-16	2025-04-11	-	5.0	Likely
CVE-2013-5723	2013-09-12	2025-04-11	-	7.5	Likely
CVE-2013-5751	2013-09-16	2025-04-11	-	5.0	Likely
CVE-2013-6244	2013-10-24	2025-04-11	-	5.0	Likely
CVE-2013-3243	2013-10-28	2025-04-11	-	6.8	Likely
CVE-2013-6814	2013-11-20	2025-04-11	-	5.8	Likely
CVE-2013-6815	2013-11-20	2025-04-11	-	5.0	Likely
CVE-2013-6816	2013-11-20	2025-04-11	-	4.3	Likely
CVE-2013-6819	2013-11-20	2025-04-11	-	4.3	Likely
CVE-2013-6821	2013-11-20	2025-04-11	-	5.0	Likely
CVE-2013-6822	2013-11-20	2025-04-11	-	10.0	Likely
CVE-2013-6823	2013-11-20	2025-04-11	-	6.4	Likely
CVE-2013-6869	2013-11-23	2025-04-11	-	7.5	Likely
CVE-2013-7094	2013-12-13	2025-04-11	-	7.5	Likely
CVE-2014-1960	2014-02-14	2025-04-11	-	5.0	Likely
CVE-2014-1961	2014-02-14	2025-04-11	-	5.0	Likely
CVE-2014-1963	2014-02-14	2025-04-11	-	5.0	Likely
CVE-2014-1964	2014-02-14	2025-04-11	-	4.3	Likely
CVE-2014-1965	2014-02-14	2025-04-11	-	4.3	Likely
CVE-2013-7364	2014-04-10	2025-04-12	-	7.5	Likely
CVE-2014-3787	2014-05-19	2025-04-12	-	5.0	Likely
CVE-2014-4003	2014-06-09	2025-04-12	-	7.5	Likely
CVE-2014-6252	2014-09-05	2025-04-12	-	6.5	Likely
CVE-2014-8587	2014-11-04	2025-04-12	-	7.5	Likely
CVE-2014-8591	2014-11-04	2025-04-12	-	5.0	Likely
CVE-2014-8592	2014-11-04	2025-04-12	-	5.0	Likely
CVE-2014-0995	2014-11-06	2025-04-12	-	5.0	Likely
CVE-2015-2107	2015-03-14	2025-04-12	-	6.8	Unknown
CVE-2015-2815	2015-04-01	2025-04-12	-	6.5	Likely
CVE-2015-2817	2015-04-01	2025-04-12	-	5.0	Likely
CVE-2015-5067	2015-06-24	2025-04-12	-	7.5	Likely
CVE-2015-6662	2015-08-24	2025-04-12	-	6.8	Likely
CVE-2016-1910	2016-01-15	2025-04-12	5.3	5.0	Likely
CVE-2016-1911	2016-01-15	2025-04-12	6.1	4.3	Likely
CVE-2016-2387	2016-02-16	2025-04-12	6.1	4.3	Likely
CVE-2016-2389	2016-02-16	2025-04-12	7.5	7.8	Likely
CVE-2016-4014	2016-04-14	2025-04-12	8.6	9.0	Likely
CVE-2016-4015	2016-04-14	2025-04-12	7.5	5.0	Likely
CVE-2016-4551	2016-10-05	2025-04-12	7.5	5.0	Likely
CVE-2016-7435	2016-10-05	2025-04-12	9.1	9.0	Likely
CVE-2016-3635	2016-10-13	2025-04-12	7.5	6.0	Unknown
CVE-2016-7437	2016-10-13	2025-04-12	3.3	2.1	Unknown
CVE-2017-5372	2017-01-23	2025-04-20	7.5	5.0	Likely
CVE-2016-10311	2017-04-10	2025-04-20	9.8	7.5	Likely
CVE-2017-9844	2017-07-12	2025-05-02	7.5	7.5	Likely
CVE-2017-9845	2017-07-12	2025-04-20	7.5	7.8	Likely
CVE-2015-7241	2017-09-06	2025-04-20	9.8	7.5	Likely
CVE-2018-2363	2018-01-09	2024-11-21	8.8	6.5	Likely
CVE-2018-2434	2018-07-10	2024-11-21	4.3	4.3	Likely
CVE-2018-2462	2018-09-11	2024-11-21	8.8	6.5	Likely
CVE-2018-2464	2018-09-11	2024-11-21	6.1	4.3	Likely
CVE-2018-2470	2018-10-09	2024-11-21	6.1	4.3	Likely
CVE-2018-2476	2018-11-13	2024-11-21	6.1	5.8	Likely
CVE-2018-2477	2018-11-13	2024-11-21	8.8	6.5	Likely
CVE-2019-0248	2019-01-08	2024-11-21	5.9	4.3	Likely
CVE-2019-0351	2019-08-14	2024-11-21	8.8	6.5	Likely
CVE-2013-1592	2020-01-23	2024-11-21	9.8	10.0	Likely
CVE-2013-1593	2020-01-23	2024-11-21	7.5	5.0	Likely
CVE-2011-1517	2020-02-05	2024-11-21	9.8	7.5	Likely
CVE-2020-6181	2020-02-12	2024-11-21	5.8	5.0	Likely
CVE-2020-6184	2020-02-12	2024-11-21	6.1	4.3	Likely
CVE-2020-6185	2020-02-12	2024-11-21	5.4	3.5	Unknown
CVE-2020-6203	2020-03-10	2024-11-21	9.1	6.4	Likely
CVE-2020-6285	2020-07-14	2024-11-21	6.5	3.5	Unknown
CVE-2021-21481	2021-03-09	2024-11-21	8.8	8.3	Unknown
CVE-2021-38163	2021-09-14	2026-02-25	9.9	9.0	Likely
CVE-2021-38183	2021-10-12	2024-11-21	6.1	4.3	Likely
CVE-2022-22534	2022-02-09	2024-11-21	6.1	4.3	Likely
CVE-2022-28772	2022-04-12	2024-11-21	7.5	5.0	Likely
CVE-2022-28773	2022-04-12	2026-02-25	7.5	5.0	Likely
CVE-2022-28217	2022-06-13	2024-11-21	6.5	4.0	Likely
CVE-2023-0021	2023-03-14	2024-11-21	6.1	-	-
CVE-2023-27499	2023-04-11	2024-11-21	6.1	-	-
CVE-2023-29186	2023-04-11	2024-11-21	8.7	-	-
CVE-2023-32114	2023-06-13	2024-11-21	2.7	-	-
CVE-2023-33984	2023-06-13	2024-11-21	6.4	-	-
CVE-2023-33985	2023-06-13	2024-11-21	6.1	-	-
CVE-2023-36922	2023-07-11	2024-11-21	9.1	-	-
CVE-2023-41367	2023-09-12	2024-11-21	5.3	-	-
CVE-2024-22124	2024-01-09	2024-11-21	4.1	-	-
CVE-2024-25644	2024-03-12	2025-04-10	5.3	-	-
CVE-2024-27898	2024-04-09	2025-02-06	5.3	-	-
CVE-2025-31324	2025-04-24	2025-10-31	10.0	-	-
CVE-2025-42999	2025-05-13	2025-10-31	9.1	-	-
CVE-2025-42968	2025-07-08	2025-10-27	5.0	-	-
CVE-2026-23685	2026-02-10	2026-02-17	4.4	-	-

How SecUtils Interprets Product Data

SecUtils normalizes and enriches National Vulnerability Database (NVD) records for sap netweaver by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and structuring the data for rapid analysis and asset correlation. For every vulnerability listed, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference information to enable organizations to prioritize patching and risk assessment efficiently. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for vulnerability management and security operations.