Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2023-AVI-0531
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits SAP. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SAP | N/A | SAP Web Dispatcher versions WEBDISP 7.53, WEBDISP 7.54, WEBDISP 7.77, WEBDISP 7.85, WEBDISP7.89, WEBDISP 7.91, WEBDISP 7.92, WEBDISP 7.93, KERNEL 7.53, KERNEL 7.54,KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.91, KERNEL 7.92, KERNEL 7.93, KRNL64UC 7.53, HDB 2.00, XS_ADVANCED_RUNTIME 1.00 et SAP_EXTENDED_APP_SERVICES 1 | ||
| SAP | N/A | SAP Solution Manager (Diagnostic Agent) version 7.20 | ||
| SAP | N/A | SAP NetWeaver AS for Java (Log Viewer) versions ENGINEAPI 7.50, SERVERCORE 7.50 et J2EE-APPS 7.50 | ||
| SAP | N/A | SAP NetWeaver (BI CONT ADD ON) versions 707, 737, 747 et 757 | ||
| SAP | N/A | SAP Business Warehouseand SAP BW/4HANA versions SAP_BW 730, SAP_BW 731, SAP_BW 740, SAP_BW 730, SAP_BW 750, DW4CORE 100, DW4CORE 200 et DW4CORE 300 | ||
| SAP | N/A | SAP Business Client versions 6.5, 7.0 et 7.70 | ||
| SAP | N/A | SAP ECC et SAP S/4HANA (IS-OIL), versions 600, 602, 603, 604, 605, 606, 617, 618, 800, 802, 803, 804, 805, 806 et 807 | ||
| SAP | N/A | SAP SQL Anywhere version 17.0 | ||
| SAP | N/A | SAP NetWeaver Process Integration (Message Display Tool) version SAP_XIAF 7.50 | ||
| SAP | N/A | SAP NetWeaver AS ABAP et ABAP Platform versions KRNL64NUC7.22, KRNL64NUC 7.22EXT, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KERNEL 7.22, KERNEL7.53, KERNEL 7.77, KERNEL 7.81, KERNEL 7.85, KERNEL 7.89, KERNEL 7.54, KERNEL 7.92 et KERNEL 7.93 | ||
| SAP | N/A | SAP UI5 Variant Management versions SAP_UI 750, SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757 et UI_700 200 | ||
| SAP | N/A | SAP Enable Now versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10 et ENABLE_NOW_CONSUMP_DEL 1704 | ||
| SAP | N/A | SAP ERP Defense Forces et Public Security versions 600, 603, 604, 605, 616, 617, 618, 802, 803, 804, 805, 806 et 807 | ||
| SAP | N/A | SAP S/4HANA (Manage Journal Entry Template) versions S4CORE 104, 105, 106 et 107 | ||
| SAP | N/A | SAP BusinessObjects BI Platform (Enterprise) versions 420 et 430 | ||
| SAP | N/A | SAP NetWeaver Process Integration (Runtime Workbench) version SAP_XITOOL 7.50 | ||
| SAP | N/A | SAP Web Dispatcher versions WEBDISP 7.49, WEBDISP 7.53, WEBDISP 7.54, WEBDISP 7.77, WEBDISP 7.81, WEBDISP 7.85, WEBDISP 7.88, WEBDISP 7.89, WEBDISP 7.90, KERNEL 7.49, KERNEL 7.53, KERNEL 7.54 KERNEL 7.77, KERNEL 7.81, KERNEL 7.85, KERNEL 7.88, KERNEL 7.89, KERNEL 7.90, KRNL64NUC 7.49, KRNL64UC 7.49, KRNL64UC 7.53, HDB 2.00, XS_ADVANCED_RUNTIME 1.00 et SAP_EXTENDED_APP_SERVICES 1 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SAP Web Dispatcher versions WEBDISP 7.53, WEBDISP 7.54, WEBDISP 7.77, WEBDISP 7.85, WEBDISP7.89, WEBDISP 7.91, WEBDISP 7.92, WEBDISP 7.93, KERNEL 7.53, KERNEL 7.54,KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.91, KERNEL 7.92, KERNEL 7.93, KRNL64UC 7.53, HDB 2.00, XS_ADVANCED_RUNTIME 1.00 et SAP_EXTENDED_APP_SERVICES 1",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Solution Manager (Diagnostic Agent) version 7.20",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver AS for Java (Log Viewer) versions ENGINEAPI 7.50, SERVERCORE 7.50 et J2EE-APPS 7.50",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver (BI CONT ADD ON) versions 707, 737, 747 et 757",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Business Warehouseand SAP BW/4HANA versions SAP_BW 730, SAP_BW 731, SAP_BW 740, SAP_BW 730, SAP_BW 750, DW4CORE 100, DW4CORE 200 et DW4CORE 300",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Business Client versions 6.5, 7.0 et 7.70",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP ECC et SAP S/4HANA (IS-OIL), versions 600, 602, 603, 604, 605, 606, 617, 618, 800, 802, 803, 804, 805, 806 et 807",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP SQL Anywhere version 17.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver Process Integration (Message Display Tool) version SAP_XIAF 7.50",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver AS ABAP et ABAP Platform versions KRNL64NUC7.22, KRNL64NUC 7.22EXT, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KERNEL 7.22, KERNEL7.53, KERNEL 7.77, KERNEL 7.81, KERNEL 7.85, KERNEL 7.89, KERNEL 7.54, KERNEL 7.92 et KERNEL 7.93",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP UI5 Variant Management versions SAP_UI 750, SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757 et UI_700 200",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Enable Now versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10 et ENABLE_NOW_CONSUMP_DEL 1704",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP ERP Defense Forces et Public Security versions 600, 603, 604, 605, 616, 617, 618, 802, 803, 804, 805, 806 et 807",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP S/4HANA (Manage Journal Entry Template) versions S4CORE 104, 105, 106 et 107",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP BusinessObjects BI Platform (Enterprise) versions 420 et 430",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver Process Integration (Runtime Workbench) version SAP_XITOOL 7.50",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Web Dispatcher versions WEBDISP 7.49, WEBDISP 7.53, WEBDISP 7.54, WEBDISP 7.77, WEBDISP 7.81, WEBDISP 7.85, WEBDISP 7.88, WEBDISP 7.89, WEBDISP 7.90, KERNEL 7.49, KERNEL 7.53, KERNEL 7.54 KERNEL 7.77, KERNEL 7.81, KERNEL 7.85, KERNEL 7.88, KERNEL 7.89, KERNEL 7.90, KRNL64NUC 7.49, KRNL64UC 7.49, KRNL64UC 7.53, HDB 2.00, XS_ADVANCED_RUNTIME 1.00 et SAP_EXTENDED_APP_SERVICES 1",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-36921",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36921"
},
{
"name": "CVE-2023-35874",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35874"
},
{
"name": "CVE-2023-36922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36922"
},
{
"name": "CVE-2023-31405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31405"
},
{
"name": "CVE-2023-33991",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33991"
},
{
"name": "CVE-2023-35873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35873"
},
{
"name": "CVE-2023-35870",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35870"
},
{
"name": "CVE-2023-33992",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33992"
},
{
"name": "CVE-2023-33987",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33987"
},
{
"name": "CVE-2023-33989",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33989"
},
{
"name": "CVE-2023-33988",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33988"
},
{
"name": "CVE-2023-33990",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33990"
},
{
"name": "CVE-2023-36924",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36924"
},
{
"name": "CVE-2023-36920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36920"
},
{
"name": "CVE-2023-35871",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35871"
},
{
"name": "CVE-2023-36918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36918"
},
{
"name": "CVE-2023-36925",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36925"
},
{
"name": "CVE-2023-35872",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35872"
},
{
"name": "CVE-2023-36919",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36919"
},
{
"name": "CVE-2023-36917",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36917"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0531",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-07-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits SAP.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SAP",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SAP du 11 juillet 2023",
"url": "https://dam.sap.com/mac/app/e/pdf/preview/embed/ucQrx6G?ltr=a\u0026rc=1"
}
]
}
CVE-2023-31405 (GCVE-0-2023-31405)
Vulnerability from cvelistv5 – Published: 2023-07-11 02:23 – Updated: 2024-11-08 18:19
VLAI
EPSS
Title
Log Injection vulnerability in SAP NetWeaver AS for Java (Log Viewer)
Summary
SAP NetWeaver AS for Java - versions ENGINEAPI 7.50, SERVERCORE 7.50, J2EE-APPS 7.50, allows an unauthenticated attacker to craft a request over the network which can result in unwarranted modifications to a system log without user interaction. There is no ability to view any information or any effect on availability.
Severity
5.3 (Medium)
CWE
- CWE-117 - Improper Output Neutralization for Logs
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SAP_SE | SAP NetWeaver AS for Java (Log Viewer) |
Affected:
ENGINEAPI 7.50
Affected: SERVERCORE 7.50 Affected: J2EE-APPS 7.50 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:53:30.779Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3324732"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-31405",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T18:19:34.601061Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T18:19:45.651Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP NetWeaver AS for Java (Log Viewer)",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "ENGINEAPI 7.50"
},
{
"status": "affected",
"version": "SERVERCORE 7.50"
},
{
"status": "affected",
"version": "J2EE-APPS 7.50"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSAP NetWeaver AS for Java - versions ENGINEAPI 7.50, SERVERCORE 7.50, J2EE-APPS 7.50, allows an unauthenticated attacker to craft a request over the network which can result in unwarranted modifications to a system log without user interaction. There is no ability to view any information or any effect on availability.\u003c/p\u003e"
}
],
"value": "SAP NetWeaver AS for Java - versions ENGINEAPI 7.50, SERVERCORE 7.50, J2EE-APPS 7.50, allows an unauthenticated attacker to craft a request over the network which can result in unwarranted modifications to a system log without user interaction. There is no ability to view any information or any effect on availability.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-117",
"description": "CWE-117: Improper Output Neutralization for Logs",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-11T02:23:26.873Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3324732"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Log Injection vulnerability in SAP NetWeaver AS for Java (Log Viewer)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-31405",
"datePublished": "2023-07-11T02:23:26.873Z",
"dateReserved": "2023-04-27T18:29:50.455Z",
"dateUpdated": "2024-11-08T18:19:45.651Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-33987 (GCVE-0-2023-33987)
Vulnerability from cvelistv5 – Published: 2023-07-11 02:24 – Updated: 2024-12-04 15:32
VLAI
EPSS
Title
Request smuggling and request concatenation in SAP Web Dispatcher
Summary
An unauthenticated attacker in SAP Web Dispatcher - versions WEBDISP 7.49, WEBDISP 7.53, WEBDISP 7.54, WEBDISP 7.77, WEBDISP 7.81, WEBDISP 7.85, WEBDISP 7.88, WEBDISP 7.89, WEBDISP 7.90, KERNEL 7.49, KERNEL 7.53, KERNEL 7.54 KERNEL 7.77, KERNEL 7.81, KERNEL 7.85, KERNEL 7.88, KERNEL 7.89, KERNEL 7.90, KRNL64NUC 7.49, KRNL64UC 7.49, KRNL64UC 7.53, HDB 2.00, XS_ADVANCED_RUNTIME 1.00, SAP_EXTENDED_APP_SERVICES 1, can submit a malicious crafted request over a network to a front-end server which may, over several attempts, result in a back-end server confusing the boundaries of malicious and legitimate messages. This can result in the back-end server executing a malicious payload which can be used to read or modify information on the server or make it temporarily unavailable.
Severity
8.6 (High)
CWE
- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SAP_SE | SAP Web Dispatcher |
Affected:
WEBDISP 7.49
Affected: WEBDISP 7.53 Affected: WEBDISP 7.54 Affected: WEBDISP 7.77 Affected: WEBDISP 7.81 Affected: WEBDISP 7.85 Affected: WEBDISP 7.88 Affected: WEBDISP 7.89 Affected: WEBDISP 7.90 Affected: KERNEL 7.49 Affected: KERNEL 7.53 Affected: KERNEL 7.54 KERNEL 7.77 Affected: KERNEL 7.81 Affected: KERNEL 7.85 Affected: KERNEL 7.88 Affected: KERNEL 7.89 Affected: KERNEL 7.90 Affected: KRNL64NUC 7.49 Affected: KRNL64UC 7.49 Affected: KRNL64UC 7.53 Affected: HDB 2.00 Affected: XS_ADVANCED_RUNTIME 1.00 Affected: SAP_EXTENDED_APP_SERVICES 1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:54:14.177Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3233899"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33987",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T15:32:02.394644Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T15:32:10.947Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP Web Dispatcher",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "WEBDISP 7.49"
},
{
"status": "affected",
"version": "WEBDISP 7.53"
},
{
"status": "affected",
"version": "WEBDISP 7.54"
},
{
"status": "affected",
"version": "WEBDISP 7.77"
},
{
"status": "affected",
"version": "WEBDISP 7.81"
},
{
"status": "affected",
"version": "WEBDISP 7.85"
},
{
"status": "affected",
"version": "WEBDISP 7.88"
},
{
"status": "affected",
"version": "WEBDISP 7.89"
},
{
"status": "affected",
"version": "WEBDISP 7.90"
},
{
"status": "affected",
"version": "KERNEL 7.49"
},
{
"status": "affected",
"version": "KERNEL 7.53"
},
{
"status": "affected",
"version": "KERNEL 7.54 KERNEL 7.77"
},
{
"status": "affected",
"version": "KERNEL 7.81"
},
{
"status": "affected",
"version": "KERNEL 7.85"
},
{
"status": "affected",
"version": "KERNEL 7.88"
},
{
"status": "affected",
"version": "KERNEL 7.89"
},
{
"status": "affected",
"version": "KERNEL 7.90"
},
{
"status": "affected",
"version": "KRNL64NUC 7.49"
},
{
"status": "affected",
"version": "KRNL64UC 7.49"
},
{
"status": "affected",
"version": "KRNL64UC 7.53"
},
{
"status": "affected",
"version": "HDB 2.00"
},
{
"status": "affected",
"version": "XS_ADVANCED_RUNTIME 1.00"
},
{
"status": "affected",
"version": "SAP_EXTENDED_APP_SERVICES 1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn unauthenticated attacker in SAP Web Dispatcher - versions WEBDISP 7.49, WEBDISP 7.53, WEBDISP 7.54, WEBDISP 7.77, WEBDISP 7.81, WEBDISP 7.85, WEBDISP 7.88, WEBDISP 7.89, WEBDISP 7.90, KERNEL 7.49, KERNEL 7.53, KERNEL 7.54 KERNEL 7.77, KERNEL 7.81, KERNEL 7.85, KERNEL 7.88, KERNEL 7.89, KERNEL 7.90, KRNL64NUC 7.49, KRNL64UC 7.49, KRNL64UC 7.53, HDB 2.00, XS_ADVANCED_RUNTIME 1.00, SAP_EXTENDED_APP_SERVICES 1, can submit a malicious crafted request over a network to a front-end server which\u00a0may, over several attempts, result in a back-end server confusing the boundaries of malicious and legitimate\u00a0messages. This can result in the back-end server executing a malicious payload which can be used to read or\u00a0modify information on the server or make it temporarily unavailable.\u003c/p\u003e"
}
],
"value": "An unauthenticated attacker in SAP Web Dispatcher - versions WEBDISP 7.49, WEBDISP 7.53, WEBDISP 7.54, WEBDISP 7.77, WEBDISP 7.81, WEBDISP 7.85, WEBDISP 7.88, WEBDISP 7.89, WEBDISP 7.90, KERNEL 7.49, KERNEL 7.53, KERNEL 7.54 KERNEL 7.77, KERNEL 7.81, KERNEL 7.85, KERNEL 7.88, KERNEL 7.89, KERNEL 7.90, KRNL64NUC 7.49, KRNL64UC 7.49, KRNL64UC 7.53, HDB 2.00, XS_ADVANCED_RUNTIME 1.00, SAP_EXTENDED_APP_SERVICES 1, can submit a malicious crafted request over a network to a front-end server which\u00a0may, over several attempts, result in a back-end server confusing the boundaries of malicious and legitimate\u00a0messages. This can result in the back-end server executing a malicious payload which can be used to read or\u00a0modify information on the server or make it temporarily unavailable.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-11T02:24:52.753Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3233899"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Request smuggling and request concatenation in SAP Web Dispatcher",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-33987",
"datePublished": "2023-07-11T02:24:52.753Z",
"dateReserved": "2023-05-24T20:41:32.834Z",
"dateUpdated": "2024-12-04T15:32:10.947Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-33988 (GCVE-0-2023-33988)
Vulnerability from cvelistv5 – Published: 2023-07-11 02:26 – Updated: 2024-10-21 21:10
VLAI
EPSS
Title
Cross-Site Scripting vulnerability in SAP Enable Now
Summary
In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the Content-Security-Policy and X-XSS-Protection response headers are not implemented, allowing an unauthenticated attacker to attempt reflected cross-site scripting, which could result in disclosure or modification of information.
Severity
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SAP_SE | SAP Enable Now |
Affected:
WPB_MANAGER 1.0
Affected: WPB_MANAGER_CE 10 Affected: WPB_MANAGER_HANA 10 Affected: ENABLE_NOW_CONSUMP_DEL 1704 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:54:14.157Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3326769"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33988",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-21T21:06:54.001238Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-21T21:10:43.834Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP Enable Now",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "WPB_MANAGER 1.0"
},
{
"status": "affected",
"version": "WPB_MANAGER_CE 10"
},
{
"status": "affected",
"version": "WPB_MANAGER_HANA 10"
},
{
"status": "affected",
"version": "ENABLE_NOW_CONSUMP_DEL 1704"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the Content-Security-Policy and X-XSS-Protection response headers are not implemented, allowing an unauthenticated attacker to attempt reflected cross-site scripting, which could result in disclosure or modification of information.\u003c/p\u003e"
}
],
"value": "In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the Content-Security-Policy and X-XSS-Protection response headers are not implemented, allowing an unauthenticated attacker to attempt reflected cross-site scripting, which could result in disclosure or modification of information.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-11T02:26:57.068Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3326769"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Cross-Site Scripting vulnerability in SAP Enable Now",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-33988",
"datePublished": "2023-07-11T02:26:57.068Z",
"dateReserved": "2023-05-24T20:41:32.834Z",
"dateUpdated": "2024-10-21T21:10:43.834Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-33989 (GCVE-0-2023-33989)
Vulnerability from cvelistv5 – Published: 2023-07-11 02:28 – Updated: 2024-10-23 17:29
VLAI
EPSS
Title
Directory Traversal vulnerability in SAP NetWeaver (BI CONT ADD ON)
Summary
An attacker with non-administrative authorizations in SAP NetWeaver (BI CONT ADD ON) - versions 707, 737, 747, 757, can exploit a directory traversal flaw to over-write system files. Data from confidential files cannot be read but potentially some OS files can be over-written leading to system compromise.
Severity
8.7 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SAP_SE | SAP NetWeaver (BI CONT ADD ON) |
Affected:
707
Affected: 737 Affected: 747 Affected: 757 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:54:14.322Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3331376"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33989",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T17:25:45.839105Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T17:29:51.327Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP NetWeaver (BI CONT ADD ON)",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "707"
},
{
"status": "affected",
"version": "737"
},
{
"status": "affected",
"version": "747"
},
{
"status": "affected",
"version": "757"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn attacker with non-administrative authorizations in SAP NetWeaver (BI CONT ADD ON) - versions 707, 737, 747, 757, can exploit a directory traversal flaw to over-write system files. Data from confidential files cannot be read but potentially some OS files can be over-written leading to system compromise.\u003c/p\u003e"
}
],
"value": "An attacker with non-administrative authorizations in SAP NetWeaver (BI CONT ADD ON) - versions 707, 737, 747, 757, can exploit a directory traversal flaw to over-write system files. Data from confidential files cannot be read but potentially some OS files can be over-written leading to system compromise.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-11T02:28:49.510Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3331376"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Directory Traversal vulnerability in SAP NetWeaver (BI CONT ADD ON)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-33989",
"datePublished": "2023-07-11T02:28:49.510Z",
"dateReserved": "2023-05-24T20:41:32.834Z",
"dateUpdated": "2024-10-23T17:29:51.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-33990 (GCVE-0-2023-33990)
Vulnerability from cvelistv5 – Published: 2023-07-11 02:29 – Updated: 2024-11-08 18:19
VLAI
EPSS
Title
Denial of Service (DoS) vulnerability in SAP SQL Anywhere
Summary
SAP SQL Anywhere - version 17.0, allows an attacker to prevent legitimate users from accessing the service by crashing the service. An attacker with low privileged account and access to the local system can write into the shared memory objects. This can be leveraged by an attacker to perform a Denial of Service. Further, an attacker might be able to modify sensitive data in shared memory objects.This issue only affects SAP SQL Anywhere on Windows. Other platforms are not impacted.
Severity
7.8 (High)
CWE
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SAP_SE | SAP SQL Anywhere |
Affected:
17.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:54:14.178Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3331029"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33990",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T18:19:05.237280Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T18:19:14.806Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP SQL Anywhere",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "17.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSAP SQL Anywhere\u00a0- version 17.0, allows an attacker to prevent legitimate users from accessing the service by crashing the service. An attacker with low privileged account and access to the local system can write into the shared memory objects. This can be leveraged by an attacker to perform a Denial of Service. Further, an attacker might be able to modify sensitive data in shared memory objects.This issue only affects SAP SQL Anywhere on Windows. Other platforms are not impacted.\u003c/p\u003e"
}
],
"value": "SAP SQL Anywhere\u00a0- version 17.0, allows an attacker to prevent legitimate users from accessing the service by crashing the service. An attacker with low privileged account and access to the local system can write into the shared memory objects. This can be leveraged by an attacker to perform a Denial of Service. Further, an attacker might be able to modify sensitive data in shared memory objects.This issue only affects SAP SQL Anywhere on Windows. Other platforms are not impacted."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732: Incorrect Permission Assignment for Critical Resource",
"lang": "eng",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-277",
"description": "CWE-277: Insecure Inherited Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-28T21:57:21.766Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3331029"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Denial of Service (DoS) vulnerability in SAP SQL Anywhere",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-33990",
"datePublished": "2023-07-11T02:29:57.811Z",
"dateReserved": "2023-05-24T20:41:32.834Z",
"dateUpdated": "2024-11-08T18:19:14.806Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-33991 (GCVE-0-2023-33991)
Vulnerability from cvelistv5 – Published: 2023-06-13 02:49 – Updated: 2025-01-03 02:01
VLAI
EPSS
Title
Stored Cross-Site Scripting (Stored XSS) vulnerability in SAP UI5 Variant Management
Summary
SAP UI5 Variant Management - versions SAP_UI 750, SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, UI_700 200, does not sufficiently encode user-controlled inputs on reading data from the server, resulting in Stored Cross-Site Scripting (Stored XSS) vulnerability. After successful exploitation, an attacker with user level access can cause high impact on confidentiality, modify some information and can cause unavailability of the application at user level.
Severity
8.2 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SAP_SE | SAP UI5 Variant Management |
Affected:
SAP_UI 750
Affected: SAP_UI 754 Affected: SAP_UI 755 Affected: SAP_UI 756 Affected: SAP_UI 757 Affected: UI_700 200 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:54:14.185Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/3324285"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33991",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-03T02:01:14.080839Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-03T02:01:47.624Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP UI5 Variant Management",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "SAP_UI 750"
},
{
"status": "affected",
"version": "SAP_UI 754"
},
{
"status": "affected",
"version": "SAP_UI 755"
},
{
"status": "affected",
"version": "SAP_UI 756"
},
{
"status": "affected",
"version": "SAP_UI 757"
},
{
"status": "affected",
"version": "UI_700 200"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSAP UI5 Variant Management - versions SAP_UI 750, SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, UI_700 200, does not sufficiently encode user-controlled inputs on reading data from the server, resulting in Stored Cross-Site Scripting (Stored XSS) vulnerability. After successful exploitation, an attacker with user level access can cause high impact on confidentiality, modify some information and can cause unavailability of the application at user level.\u003c/p\u003e"
}
],
"value": "SAP UI5 Variant Management - versions SAP_UI 750, SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, UI_700 200, does not sufficiently encode user-controlled inputs on reading data from the server, resulting in Stored Cross-Site Scripting (Stored XSS) vulnerability. After successful exploitation, an attacker with user level access can cause high impact on confidentiality, modify some information and can cause unavailability of the application at user level.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-13T02:49:25.778Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://launchpad.support.sap.com/#/notes/3324285"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Stored Cross-Site Scripting (Stored XSS) vulnerability in SAP UI5 Variant Management",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-33991",
"datePublished": "2023-06-13T02:49:25.778Z",
"dateReserved": "2023-05-24T20:41:32.834Z",
"dateUpdated": "2025-01-03T02:01:47.624Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-33992 (GCVE-0-2023-33992)
Vulnerability from cvelistv5 – Published: 2023-07-11 02:34 – Updated: 2024-10-29 13:43
VLAI
EPSS
Title
Missing Authorization Check in SAP Business Warehouse and SAP BW/4HANA
Summary
The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAP_BW 730, SAP_BW 731, SAP_BW 740, SAP_BW 730, SAP_BW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. To be able to exploit this, the user still needs authorizations on the query as well as on the keyfigure/measure level. The missing check only affects the data level.
Severity
4.5 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SAP_SE | SAP Business Warehouse and SAP BW/4HANA |
Affected:
SAP_BW 730
Affected: SAP_BW 731 Affected: SAP_BW 740 Affected: SAP_BW 750 Affected: DW4CORE 100 Affected: DW4CORE 200 Affected: DW4CORE 300 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:54:14.204Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3088078"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33992",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-25T18:38:55.404664Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T13:43:38.660Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP Business Warehouse and SAP BW/4HANA",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "SAP_BW 730"
},
{
"status": "affected",
"version": "SAP_BW 731"
},
{
"status": "affected",
"version": "SAP_BW 740"
},
{
"status": "affected",
"version": "SAP_BW 750"
},
{
"status": "affected",
"version": "DW4CORE 100"
},
{
"status": "affected",
"version": "DW4CORE 200"
},
{
"status": "affected",
"version": "DW4CORE 300"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAP_BW 730, SAP_BW 731, SAP_BW 740, SAP_BW 730, SAP_BW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. To be able to exploit this, the user still needs authorizations on the query as well as on the keyfigure/measure level. The missing check only affects the data level.\u003c/p\u003e"
}
],
"value": "The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAP_BW 730, SAP_BW 731, SAP_BW 740, SAP_BW 730, SAP_BW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. To be able to exploit this, the user still needs authorizations on the query as well as on the keyfigure/measure level. The missing check only affects the data level.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-11T02:34:11.627Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3088078"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Missing Authorization Check in SAP Business Warehouse and SAP BW/4HANA",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-33992",
"datePublished": "2023-07-11T02:34:11.627Z",
"dateReserved": "2023-05-24T20:41:32.835Z",
"dateUpdated": "2024-10-29T13:43:38.660Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35870 (GCVE-0-2023-35870)
Vulnerability from cvelistv5 – Published: 2023-07-11 02:40 – Updated: 2024-10-29 13:43
VLAI
EPSS
Title
Improper Access Control in SAP S/4HANA (Manage Journal Entry Template)
Summary
When creating a journal entry template in SAP S/4HANA (Manage Journal Entry Template) - versions S4CORE 104, 105, 106, 107, an attacker could intercept the save request and change the template, leading to an impact on confidentiality and integrity of the resource. Furthermore, a standard template could be deleted, hence making the resource temporarily unavailable.
Severity
6.3 (Medium)
CWE
- CWE-732 - Incorrect Permission Assignment for Critical Resource
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SAP_SE | SAP S/4HANA (Manage Journal Entry Template) |
Affected:
S4CORE 104
Affected: 105 Affected: 106 Affected: 107 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:45.390Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3341211"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35870",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-25T18:38:35.831454Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T13:43:24.084Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP S/4HANA (Manage Journal Entry Template)",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "S4CORE 104"
},
{
"status": "affected",
"version": "105"
},
{
"status": "affected",
"version": "106"
},
{
"status": "affected",
"version": "107"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eWhen creating a journal entry template in SAP S/4HANA (Manage Journal Entry Template) - versions S4CORE 104, 105, 106, 107, an attacker could intercept the save request and change the template, leading to an impact on confidentiality and integrity of the resource. Furthermore, a standard template could be deleted, hence making the resource temporarily unavailable.\u003c/p\u003e"
}
],
"value": "When creating a journal entry template in SAP S/4HANA (Manage Journal Entry Template) - versions S4CORE 104, 105, 106, 107, an attacker could intercept the save request and change the template, leading to an impact on confidentiality and integrity of the resource. Furthermore, a standard template could be deleted, hence making the resource temporarily unavailable."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732: Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-28T21:59:09.148Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3341211"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper Access Control in SAP S/4HANA (Manage Journal Entry Template)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-35870",
"datePublished": "2023-07-11T02:40:26.084Z",
"dateReserved": "2023-06-19T10:27:44.579Z",
"dateUpdated": "2024-10-29T13:43:24.084Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35871 (GCVE-0-2023-35871)
Vulnerability from cvelistv5 – Published: 2023-07-11 02:41 – Updated: 2024-10-23 16:25
VLAI
EPSS
Title
Memory Corruption vulnerability in SAP Web Dispatcher
Summary
The SAP Web Dispatcher - versions WEBDISP 7.53, WEBDISP 7.54, WEBDISP 7.77, WEBDISP 7.85, WEBDISP 7.89, WEBDISP 7.91, WEBDISP 7.92, WEBDISP 7.93, KERNEL 7.53, KERNEL 7.54 KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.91, KERNEL 7.92, KERNEL 7.93, KRNL64UC 7.53, HDB 2.00, XS_ADVANCED_RUNTIME 1.00, SAP_EXTENDED_APP_SERVICES 1, has a vulnerability that can be exploited by an unauthenticated attacker to cause memory corruption through logical errors in memory management this may leads to information disclosure or system crashes, which can have low impact on confidentiality and high impact on the integrity and availability of the system.
Severity
7.7 (High)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SAP_SE | SAP Web Dispatcher |
Affected:
WEBDISP 7.53
Affected: WEBDISP 7.54 Affected: WEBDISP 7.77 Affected: WEBDISP 7.85 Affected: WEBDISP 7.89 Affected: WEBDISP 7.91 Affected: WEBDISP 7.92 Affected: WEBDISP 7.93 Affected: KERNEL 7.53 Affected: KERNEL 7.54 KERNEL 7.77 Affected: KERNEL 7.85 Affected: KERNEL 7.89 Affected: KERNEL 7.91 Affected: KERNEL 7.92 Affected: KERNEL 7.93 Affected: KRNL64UC 7.53 Affected: HDB 2.00 Affected: XS_ADVANCED_RUNTIME 1.00 Affected: SAP_EXTENDED_APP_SERVICES 1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:45.378Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3340735"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35871",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T16:24:29.446961Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T16:25:51.938Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP Web Dispatcher",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "WEBDISP 7.53"
},
{
"status": "affected",
"version": "WEBDISP 7.54"
},
{
"status": "affected",
"version": "WEBDISP 7.77"
},
{
"status": "affected",
"version": "WEBDISP 7.85"
},
{
"status": "affected",
"version": "WEBDISP 7.89"
},
{
"status": "affected",
"version": "WEBDISP 7.91"
},
{
"status": "affected",
"version": "WEBDISP 7.92"
},
{
"status": "affected",
"version": "WEBDISP 7.93"
},
{
"status": "affected",
"version": "KERNEL 7.53"
},
{
"status": "affected",
"version": "KERNEL 7.54 KERNEL 7.77"
},
{
"status": "affected",
"version": "KERNEL 7.85"
},
{
"status": "affected",
"version": "KERNEL 7.89"
},
{
"status": "affected",
"version": "KERNEL 7.91"
},
{
"status": "affected",
"version": "KERNEL 7.92"
},
{
"status": "affected",
"version": "KERNEL 7.93"
},
{
"status": "affected",
"version": "KRNL64UC 7.53"
},
{
"status": "affected",
"version": "HDB 2.00"
},
{
"status": "affected",
"version": "XS_ADVANCED_RUNTIME 1.00"
},
{
"status": "affected",
"version": "SAP_EXTENDED_APP_SERVICES 1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe SAP Web Dispatcher - versions WEBDISP 7.53, WEBDISP 7.54, WEBDISP 7.77, WEBDISP 7.85, WEBDISP 7.89, WEBDISP 7.91, WEBDISP 7.92, WEBDISP 7.93, KERNEL 7.53, KERNEL 7.54 KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.91, KERNEL 7.92, KERNEL 7.93, KRNL64UC 7.53, HDB 2.00, XS_ADVANCED_RUNTIME 1.00, SAP_EXTENDED_APP_SERVICES 1, has a vulnerability that can be exploited by an unauthenticated attacker to cause memory corruption through logical errors in memory management this may leads to information disclosure or system crashes, which can have low impact on confidentiality and high impact on the integrity and availability of the system.\u003c/p\u003e"
}
],
"value": "The SAP Web Dispatcher - versions WEBDISP 7.53, WEBDISP 7.54, WEBDISP 7.77, WEBDISP 7.85, WEBDISP 7.89, WEBDISP 7.91, WEBDISP 7.92, WEBDISP 7.93, KERNEL 7.53, KERNEL 7.54 KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.91, KERNEL 7.92, KERNEL 7.93, KRNL64UC 7.53, HDB 2.00, XS_ADVANCED_RUNTIME 1.00, SAP_EXTENDED_APP_SERVICES 1, has a vulnerability that can be exploited by an unauthenticated attacker to cause memory corruption through logical errors in memory management this may leads to information disclosure or system crashes, which can have low impact on confidentiality and high impact on the integrity and availability of the system.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-14T13:05:33.938Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3340735"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Memory Corruption vulnerability in SAP Web Dispatcher",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-35871",
"datePublished": "2023-07-11T02:41:03.537Z",
"dateReserved": "2023-06-19T10:27:44.580Z",
"dateUpdated": "2024-10-23T16:25:51.938Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35872 (GCVE-0-2023-35872)
Vulnerability from cvelistv5 – Published: 2023-07-11 02:41 – Updated: 2024-11-08 18:18
VLAI
EPSS
Title
Missing Authentication check in SAP NetWeaver Process Integration (Message Display Tool)
Summary
The Message Display Tool (MDT) of SAP NetWeaver Process Integration - version SAP_XIAF 7.50, does not perform authentication checks for certain functionalities that require user identity. An unauthenticated user might access technical data about the product status and its configuration. The vulnerability does not allow access to sensitive information or administrative functionalities. On successful exploitation an attacker can cause limited impact on confidentiality and availability of the application.
Severity
6.5 (Medium)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SAP_SE | SAP NetWeaver Process Integration (Message Display Tool) |
Affected:
SAP_XIAF 7.50
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:45.398Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3343564"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35872",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T18:18:18.985369Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T18:18:30.187Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP NetWeaver Process Integration (Message Display Tool)",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "SAP_XIAF 7.50"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe\u00a0Message Display Tool (MDT) of SAP NetWeaver Process Integration\u00a0- version SAP_XIAF 7.50, does not perform authentication checks for certain functionalities that require user identity. An unauthenticated user might access technical data about the product status and its configuration. The vulnerability does not allow access to\u00a0sensitive information or administrative functionalities. On successful exploitation an attacker can cause limited impact on confidentiality and availability of the application.\u003c/p\u003e"
}
],
"value": "The\u00a0Message Display Tool (MDT) of SAP NetWeaver Process Integration\u00a0- version SAP_XIAF 7.50, does not perform authentication checks for certain functionalities that require user identity. An unauthenticated user might access technical data about the product status and its configuration. The vulnerability does not allow access to\u00a0sensitive information or administrative functionalities. On successful exploitation an attacker can cause limited impact on confidentiality and availability of the application.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306: Missing Authentication for Critical Function",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-11T02:41:33.243Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3343564"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Missing Authentication check in SAP NetWeaver Process Integration (Message Display Tool)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-35872",
"datePublished": "2023-07-11T02:41:33.243Z",
"dateReserved": "2023-06-19T10:27:44.580Z",
"dateUpdated": "2024-11-08T18:18:30.187Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…