fkie_cve-2023-40309
Vulnerability from fkie_nvd
Published
2023-09-12 03:15
Modified
2024-11-21 08:19
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong authorization checks for an authenticated user, resulting in escalation of privileges. Depending on the application and the level of privileges acquired, an attacker could abuse functionality restricted to a particular user group as well as read, modify or delete restricted data.
References
cna@sap.comhttps://me.sap.com/notes/3340576Permissions Required, Vendor Advisory
cna@sap.comhttps://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://me.sap.com/notes/3340576Permissions Required, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.htmlVendor Advisory
Impacted products
Vendor Product Version
sap commoncryptolib 8.0.0
sap content_server 6.50
sap content_server 7.53
sap content_server 7.54
sap extended_application_services_and_runtime 1.0
sap hana_database 2.0
sap host_agent 722
sap netweaver_application_server_abap 7.22ext
sap netweaver_application_server_abap kernel_7.22
sap netweaver_application_server_abap kernel_7.53
sap netweaver_application_server_abap kernel_7.54
sap netweaver_application_server_abap kernel_7.77
sap netweaver_application_server_abap kernel_7.85
sap netweaver_application_server_abap kernel_7.89
sap netweaver_application_server_abap kernel_7.91
sap netweaver_application_server_abap kernel_7.92
sap netweaver_application_server_abap kernel_7.93
sap netweaver_application_server_abap kernel_8.04
sap netweaver_application_server_abap kernel64nuc_7.22
sap netweaver_application_server_abap kernel64nuc_7.22ext
sap netweaver_application_server_abap kernel64uc_7.22
sap netweaver_application_server_abap kernel64uc_7.22ext
sap netweaver_application_server_abap kernel64uc_7.53
sap netweaver_application_server_abap kernel64uc_8.04
sap netweaver_application_server_java kernel_7.22
sap netweaver_application_server_java kernel_7.53
sap netweaver_application_server_java kernel_7.54
sap netweaver_application_server_java kernel_7.77
sap netweaver_application_server_java kernel_7.85
sap netweaver_application_server_java kernel_7.89
sap netweaver_application_server_java kernel_7.91
sap netweaver_application_server_java kernel_7.92
sap netweaver_application_server_java kernel_7.93
sap netweaver_application_server_java kernel_8.04
sap netweaver_application_server_java kernel64nuc_7.22
sap netweaver_application_server_java kernel64nuc_7.22ext
sap netweaver_application_server_java kernel64uc_7.22
sap netweaver_application_server_java kernel64uc_7.22ext
sap netweaver_application_server_java kernel64uc_7.53
sap netweaver_application_server_java kernel64uc_8.04
sap sapssoext 17.0
sap web_dispatcher 7.22ext
sap web_dispatcher 7.53
sap web_dispatcher 7.54
sap web_dispatcher 7.77
sap web_dispatcher 7.85
sap web_dispatcher 7.89


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:sap:commoncryptolib:8.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "92E07A81-F35C-4BF4-8AB4-E5B3C3D09487",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:content_server:6.50:*:*:*:*:*:*:*",
                     matchCriteriaId: "85520864-E99A-4576-847C-5E0EA1E6CEC5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:content_server:7.53:*:*:*:*:*:*:*",
                     matchCriteriaId: "A02FB973-7FA0-4881-B912-27F4CFBDC673",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:content_server:7.54:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED7FD33E-6870-48EB-8695-67B9169D1808",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:extended_application_services_and_runtime:1.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "FF475F4D-11D8-401A-BAB8-8A31E81CEEEB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:hana_database:2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "30B0858F-6AE9-4163-B001-1481FD3AFF9F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:host_agent:722:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A56308E-B097-49F3-8963-1F34E8716CD9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:7.22ext:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF64539B-0DE2-4076-91B9-F03F4DDFAE2F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.22:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C07042F-C47F-441E-AB32-B58A066909E2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.53:*:*:*:*:*:*:*",
                     matchCriteriaId: "DBC44C62-0BFD-4170-B094-C82DEA473938",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.54:*:*:*:*:*:*:*",
                     matchCriteriaId: "D99F18BB-B44E-48B5-BD7C-D20E40915268",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.77:*:*:*:*:*:*:*",
                     matchCriteriaId: "208F59B2-7D79-4E0E-97DA-AEB9976C8EEA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.85:*:*:*:*:*:*:*",
                     matchCriteriaId: "A120BC2E-92B2-404A-ADF6-F1AF512631E6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.89:*:*:*:*:*:*:*",
                     matchCriteriaId: "56F63498-DAC3-40EE-9625-51FA522BA0DB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.91:*:*:*:*:*:*:*",
                     matchCriteriaId: "06155DA1-7EDD-4EBA-8EBB-F7352F4EC7D2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.92:*:*:*:*:*:*:*",
                     matchCriteriaId: "104EE65A-202C-4F4E-B725-791A73687167",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.93:*:*:*:*:*:*:*",
                     matchCriteriaId: "0269C487-81F8-4240-BEF8-1A7C33864519",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_8.04:*:*:*:*:*:*:*",
                     matchCriteriaId: "379FDFC8-947E-4D09-A9DD-4B3F7481F648",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64nuc_7.22:*:*:*:*:*:*:*",
                     matchCriteriaId: "7184F3A2-3408-4B7E-BEA6-BBF55909969F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64nuc_7.22ext:*:*:*:*:*:*:*",
                     matchCriteriaId: "BB2D30A5-DB16-4CB7-8135-3CE106FA5477",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64uc_7.22:*:*:*:*:*:*:*",
                     matchCriteriaId: "D1657980-CBAC-41AC-A20E-18D7199EA244",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64uc_7.22ext:*:*:*:*:*:*:*",
                     matchCriteriaId: "771ED2D0-3BC5-4C36-BCEB-1A1C46667363",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64uc_7.53:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F05534F-3D2B-4983-9CC1-3A8BC7D421C8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64uc_8.04:*:*:*:*:*:*:*",
                     matchCriteriaId: "AE19A598-2F90-4014-AC5B-352FBC154907",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.22:*:*:*:*:*:*:*",
                     matchCriteriaId: "97EDAAC4-4885-46CE-860A-DDF92FF205C4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.53:*:*:*:*:*:*:*",
                     matchCriteriaId: "4E53E262-A23E-4D99-B2D8-DDCBEED85EA2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.54:*:*:*:*:*:*:*",
                     matchCriteriaId: "F7E61257-B187-4A83-96BD-D53CE11061D7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.77:*:*:*:*:*:*:*",
                     matchCriteriaId: "34E0B493-0860-4074-A383-F9C2A06EA8E9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.85:*:*:*:*:*:*:*",
                     matchCriteriaId: "D338B951-5C8F-4C14-931C-5F8AEA7F5924",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.89:*:*:*:*:*:*:*",
                     matchCriteriaId: "525603B5-ADDC-4F58-B730-FC748A56D6E1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.91:*:*:*:*:*:*:*",
                     matchCriteriaId: "CA2270AE-437E-4FDE-9F53-690C0BCF9C2E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.92:*:*:*:*:*:*:*",
                     matchCriteriaId: "BD374580-7D80-4D7F-8D89-8F52F2DEA8D4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.93:*:*:*:*:*:*:*",
                     matchCriteriaId: "59253D09-D58D-4013-8F29-2172C1B83AA8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel_8.04:*:*:*:*:*:*:*",
                     matchCriteriaId: "21316691-9A18-4B41-915E-491225CEF966",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel64nuc_7.22:*:*:*:*:*:*:*",
                     matchCriteriaId: "2BB08C06-0E07-4317-B1AC-C1ECCF931E7A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel64nuc_7.22ext:*:*:*:*:*:*:*",
                     matchCriteriaId: "8692B960-38A9-4035-88F5-C33D15B6A018",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel64uc_7.22:*:*:*:*:*:*:*",
                     matchCriteriaId: "1D9E47FB-D39A-40C3-AEEE-D6A5AE27F063",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel64uc_7.22ext:*:*:*:*:*:*:*",
                     matchCriteriaId: "80C5A218-C623-41C5-A001-304046608CF9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel64uc_7.53:*:*:*:*:*:*:*",
                     matchCriteriaId: "92E7B426-D50F-4AEE-B6F3-5D00C8A195F5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:netweaver_application_server_java:kernel64uc_8.04:*:*:*:*:*:*:*",
                     matchCriteriaId: "039A11C9-D9D1-42BC-8DD4-2BCDAAF464CD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:sapssoext:17.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "784CA842-6657-4A02-96B0-76A66AC469C9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:web_dispatcher:7.22ext:*:*:*:*:*:*:*",
                     matchCriteriaId: "D3F76E6A-2F27-450C-AAB5-E49A64079CAC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:web_dispatcher:7.53:*:*:*:*:*:*:*",
                     matchCriteriaId: "47D4D542-2EC2-490B-B4E9-3E7BB8D59B77",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:web_dispatcher:7.54:*:*:*:*:*:*:*",
                     matchCriteriaId: "950DF1E2-990E-41EF-8779-CEC54C7CDC60",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:web_dispatcher:7.77:*:*:*:*:*:*:*",
                     matchCriteriaId: "E33D9481-3CF6-4AA3-B115-7903AC6DAE25",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:web_dispatcher:7.85:*:*:*:*:*:*:*",
                     matchCriteriaId: "F74EE4D5-E968-4851-89E6-4152F64930F2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sap:web_dispatcher:7.89:*:*:*:*:*:*:*",
                     matchCriteriaId: "097ED3E8-49B1-497E-BD43-28C397FBEAE8",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong authorization checks for an authenticated user, resulting in escalation of privileges. Depending on the application and the level of privileges acquired, an attacker could abuse functionality restricted to a particular user group as well as read, modify or delete restricted data.",
      },
      {
         lang: "es",
         value: "SAP CommonCryptoLib no realiza las comprobaciones de autenticación necesarias, lo que puede dar como resultado comprobaciones de autorización faltantes o incorrectas para un usuario autenticado, lo que resulta en una escalada de privilegios. Según la aplicación y el nivel de privilegios adquiridos, un atacante podría abusar de la funcionalidad restringida a un grupo de usuarios concreto, así como leer, modificar o eliminar datos restringidos.",
      },
   ],
   id: "CVE-2023-40309",
   lastModified: "2024-11-21T08:19:12.560",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 9.8,
               baseSeverity: "CRITICAL",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 5.9,
            source: "cna@sap.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 9.8,
               baseSeverity: "CRITICAL",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-09-12T03:15:12.073",
   references: [
      {
         source: "cna@sap.com",
         tags: [
            "Permissions Required",
            "Vendor Advisory",
         ],
         url: "https://me.sap.com/notes/3340576",
      },
      {
         source: "cna@sap.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Permissions Required",
            "Vendor Advisory",
         ],
         url: "https://me.sap.com/notes/3340576",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
      },
   ],
   sourceIdentifier: "cna@sap.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-863",
            },
         ],
         source: "cna@sap.com",
         type: "Primary",
      },
   ],
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.