Action not permitted
Modal body text goes here.
Modal Title
Modal Body
WID-SEC-W-2023-2309
Vulnerability from csaf_certbund - Published: 2023-09-11 22:00 - Updated: 2023-09-11 22:00Summary
SAP Patchday September 2023
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
SAP stellt unternehmensweite Lösungen für Geschäftsprozesse wie Buchführung, Vertrieb, Einkauf und Lagerhaltung zur Verfügung.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in SAP Software ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen oder manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "SAP stellt unternehmensweite L\u00f6sungen f\u00fcr Gesch\u00e4ftsprozesse wie Buchf\u00fchrung, Vertrieb, Einkauf und Lagerhaltung zur Verf\u00fcgung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in SAP Software ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows\n- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2309 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2309.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2309 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2309"
},
{
"category": "external",
"summary": "SAP Patchday September 2023 vom 2023-09-12",
"url": "https://dam.sap.com/mac/app/e/pdf/preview/embed/ucQrx6G?ltr=a\u0026rc=10"
}
],
"source_lang": "en-US",
"title": "SAP Patchday September 2023",
"tracking": {
"current_release_date": "2023-09-11T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:58:15.189+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-2309",
"initial_release_date": "2023-09-11T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-09-11T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "SAP Software",
"product": {
"name": "SAP Software",
"product_id": "T016476",
"product_identification_helper": {
"cpe": "cpe:/a:sap:sap:-"
}
}
}
],
"category": "vendor",
"name": "SAP"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-42472",
"notes": [
{
"category": "description",
"text": "In SAP Software existieren mehrere Schwachstellen. Diese bestehen in den Komponenten ABAP Platform, Business Client, Business Objects Business Intelligence Platform, CommonCryptoLib, Content Server, Extended Application Services and Runtime (XSA), HANA Database, Host Agent, NetWeaver, PowerDesignerClient, Quotation Management Insurance, S/4HANA, S4CORE, SSOEXT, UI5 und Web Dispatcher. Zu den Ursachen z\u00e4hlen unter anderem Fehler in der Speicherverwaltung und fehlende Eingabepr\u00fcfungen. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren. Die Ausnutzung einiger dieser Schwachstellen erfordert eine Anmeldung oder eine Interaktion des Nutzers."
}
],
"product_status": {
"known_affected": [
"T016476"
]
},
"release_date": "2023-09-11T22:00:00.000+00:00",
"title": "CVE-2023-42472"
},
{
"cve": "CVE-2023-41369",
"notes": [
{
"category": "description",
"text": "In SAP Software existieren mehrere Schwachstellen. Diese bestehen in den Komponenten ABAP Platform, Business Client, Business Objects Business Intelligence Platform, CommonCryptoLib, Content Server, Extended Application Services and Runtime (XSA), HANA Database, Host Agent, NetWeaver, PowerDesignerClient, Quotation Management Insurance, S/4HANA, S4CORE, SSOEXT, UI5 und Web Dispatcher. Zu den Ursachen z\u00e4hlen unter anderem Fehler in der Speicherverwaltung und fehlende Eingabepr\u00fcfungen. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren. Die Ausnutzung einiger dieser Schwachstellen erfordert eine Anmeldung oder eine Interaktion des Nutzers."
}
],
"product_status": {
"known_affected": [
"T016476"
]
},
"release_date": "2023-09-11T22:00:00.000+00:00",
"title": "CVE-2023-41369"
},
{
"cve": "CVE-2023-41368",
"notes": [
{
"category": "description",
"text": "In SAP Software existieren mehrere Schwachstellen. Diese bestehen in den Komponenten ABAP Platform, Business Client, Business Objects Business Intelligence Platform, CommonCryptoLib, Content Server, Extended Application Services and Runtime (XSA), HANA Database, Host Agent, NetWeaver, PowerDesignerClient, Quotation Management Insurance, S/4HANA, S4CORE, SSOEXT, UI5 und Web Dispatcher. Zu den Ursachen z\u00e4hlen unter anderem Fehler in der Speicherverwaltung und fehlende Eingabepr\u00fcfungen. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren. Die Ausnutzung einiger dieser Schwachstellen erfordert eine Anmeldung oder eine Interaktion des Nutzers."
}
],
"product_status": {
"known_affected": [
"T016476"
]
},
"release_date": "2023-09-11T22:00:00.000+00:00",
"title": "CVE-2023-41368"
},
{
"cve": "CVE-2023-41367",
"notes": [
{
"category": "description",
"text": "In SAP Software existieren mehrere Schwachstellen. Diese bestehen in den Komponenten ABAP Platform, Business Client, Business Objects Business Intelligence Platform, CommonCryptoLib, Content Server, Extended Application Services and Runtime (XSA), HANA Database, Host Agent, NetWeaver, PowerDesignerClient, Quotation Management Insurance, S/4HANA, S4CORE, SSOEXT, UI5 und Web Dispatcher. Zu den Ursachen z\u00e4hlen unter anderem Fehler in der Speicherverwaltung und fehlende Eingabepr\u00fcfungen. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren. Die Ausnutzung einiger dieser Schwachstellen erfordert eine Anmeldung oder eine Interaktion des Nutzers."
}
],
"product_status": {
"known_affected": [
"T016476"
]
},
"release_date": "2023-09-11T22:00:00.000+00:00",
"title": "CVE-2023-41367"
},
{
"cve": "CVE-2023-40625",
"notes": [
{
"category": "description",
"text": "In SAP Software existieren mehrere Schwachstellen. Diese bestehen in den Komponenten ABAP Platform, Business Client, Business Objects Business Intelligence Platform, CommonCryptoLib, Content Server, Extended Application Services and Runtime (XSA), HANA Database, Host Agent, NetWeaver, PowerDesignerClient, Quotation Management Insurance, S/4HANA, S4CORE, SSOEXT, UI5 und Web Dispatcher. Zu den Ursachen z\u00e4hlen unter anderem Fehler in der Speicherverwaltung und fehlende Eingabepr\u00fcfungen. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren. Die Ausnutzung einiger dieser Schwachstellen erfordert eine Anmeldung oder eine Interaktion des Nutzers."
}
],
"product_status": {
"known_affected": [
"T016476"
]
},
"release_date": "2023-09-11T22:00:00.000+00:00",
"title": "CVE-2023-40625"
},
{
"cve": "CVE-2023-40624",
"notes": [
{
"category": "description",
"text": "In SAP Software existieren mehrere Schwachstellen. Diese bestehen in den Komponenten ABAP Platform, Business Client, Business Objects Business Intelligence Platform, CommonCryptoLib, Content Server, Extended Application Services and Runtime (XSA), HANA Database, Host Agent, NetWeaver, PowerDesignerClient, Quotation Management Insurance, S/4HANA, S4CORE, SSOEXT, UI5 und Web Dispatcher. Zu den Ursachen z\u00e4hlen unter anderem Fehler in der Speicherverwaltung und fehlende Eingabepr\u00fcfungen. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren. Die Ausnutzung einiger dieser Schwachstellen erfordert eine Anmeldung oder eine Interaktion des Nutzers."
}
],
"product_status": {
"known_affected": [
"T016476"
]
},
"release_date": "2023-09-11T22:00:00.000+00:00",
"title": "CVE-2023-40624"
},
{
"cve": "CVE-2023-40623",
"notes": [
{
"category": "description",
"text": "In SAP Software existieren mehrere Schwachstellen. Diese bestehen in den Komponenten ABAP Platform, Business Client, Business Objects Business Intelligence Platform, CommonCryptoLib, Content Server, Extended Application Services and Runtime (XSA), HANA Database, Host Agent, NetWeaver, PowerDesignerClient, Quotation Management Insurance, S/4HANA, S4CORE, SSOEXT, UI5 und Web Dispatcher. Zu den Ursachen z\u00e4hlen unter anderem Fehler in der Speicherverwaltung und fehlende Eingabepr\u00fcfungen. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren. Die Ausnutzung einiger dieser Schwachstellen erfordert eine Anmeldung oder eine Interaktion des Nutzers."
}
],
"product_status": {
"known_affected": [
"T016476"
]
},
"release_date": "2023-09-11T22:00:00.000+00:00",
"title": "CVE-2023-40623"
},
{
"cve": "CVE-2023-40622",
"notes": [
{
"category": "description",
"text": "In SAP Software existieren mehrere Schwachstellen. Diese bestehen in den Komponenten ABAP Platform, Business Client, Business Objects Business Intelligence Platform, CommonCryptoLib, Content Server, Extended Application Services and Runtime (XSA), HANA Database, Host Agent, NetWeaver, PowerDesignerClient, Quotation Management Insurance, S/4HANA, S4CORE, SSOEXT, UI5 und Web Dispatcher. Zu den Ursachen z\u00e4hlen unter anderem Fehler in der Speicherverwaltung und fehlende Eingabepr\u00fcfungen. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren. Die Ausnutzung einiger dieser Schwachstellen erfordert eine Anmeldung oder eine Interaktion des Nutzers."
}
],
"product_status": {
"known_affected": [
"T016476"
]
},
"release_date": "2023-09-11T22:00:00.000+00:00",
"title": "CVE-2023-40622"
},
{
"cve": "CVE-2023-40621",
"notes": [
{
"category": "description",
"text": "In SAP Software existieren mehrere Schwachstellen. Diese bestehen in den Komponenten ABAP Platform, Business Client, Business Objects Business Intelligence Platform, CommonCryptoLib, Content Server, Extended Application Services and Runtime (XSA), HANA Database, Host Agent, NetWeaver, PowerDesignerClient, Quotation Management Insurance, S/4HANA, S4CORE, SSOEXT, UI5 und Web Dispatcher. Zu den Ursachen z\u00e4hlen unter anderem Fehler in der Speicherverwaltung und fehlende Eingabepr\u00fcfungen. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren. Die Ausnutzung einiger dieser Schwachstellen erfordert eine Anmeldung oder eine Interaktion des Nutzers."
}
],
"product_status": {
"known_affected": [
"T016476"
]
},
"release_date": "2023-09-11T22:00:00.000+00:00",
"title": "CVE-2023-40621"
},
{
"cve": "CVE-2023-40309",
"notes": [
{
"category": "description",
"text": "In SAP Software existieren mehrere Schwachstellen. Diese bestehen in den Komponenten ABAP Platform, Business Client, Business Objects Business Intelligence Platform, CommonCryptoLib, Content Server, Extended Application Services and Runtime (XSA), HANA Database, Host Agent, NetWeaver, PowerDesignerClient, Quotation Management Insurance, S/4HANA, S4CORE, SSOEXT, UI5 und Web Dispatcher. Zu den Ursachen z\u00e4hlen unter anderem Fehler in der Speicherverwaltung und fehlende Eingabepr\u00fcfungen. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren. Die Ausnutzung einiger dieser Schwachstellen erfordert eine Anmeldung oder eine Interaktion des Nutzers."
}
],
"product_status": {
"known_affected": [
"T016476"
]
},
"release_date": "2023-09-11T22:00:00.000+00:00",
"title": "CVE-2023-40309"
},
{
"cve": "CVE-2023-40308",
"notes": [
{
"category": "description",
"text": "In SAP Software existieren mehrere Schwachstellen. Diese bestehen in den Komponenten ABAP Platform, Business Client, Business Objects Business Intelligence Platform, CommonCryptoLib, Content Server, Extended Application Services and Runtime (XSA), HANA Database, Host Agent, NetWeaver, PowerDesignerClient, Quotation Management Insurance, S/4HANA, S4CORE, SSOEXT, UI5 und Web Dispatcher. Zu den Ursachen z\u00e4hlen unter anderem Fehler in der Speicherverwaltung und fehlende Eingabepr\u00fcfungen. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren. Die Ausnutzung einiger dieser Schwachstellen erfordert eine Anmeldung oder eine Interaktion des Nutzers."
}
],
"product_status": {
"known_affected": [
"T016476"
]
},
"release_date": "2023-09-11T22:00:00.000+00:00",
"title": "CVE-2023-40308"
},
{
"cve": "CVE-2023-40306",
"notes": [
{
"category": "description",
"text": "In SAP Software existieren mehrere Schwachstellen. Diese bestehen in den Komponenten ABAP Platform, Business Client, Business Objects Business Intelligence Platform, CommonCryptoLib, Content Server, Extended Application Services and Runtime (XSA), HANA Database, Host Agent, NetWeaver, PowerDesignerClient, Quotation Management Insurance, S/4HANA, S4CORE, SSOEXT, UI5 und Web Dispatcher. Zu den Ursachen z\u00e4hlen unter anderem Fehler in der Speicherverwaltung und fehlende Eingabepr\u00fcfungen. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren. Die Ausnutzung einiger dieser Schwachstellen erfordert eine Anmeldung oder eine Interaktion des Nutzers."
}
],
"product_status": {
"known_affected": [
"T016476"
]
},
"release_date": "2023-09-11T22:00:00.000+00:00",
"title": "CVE-2023-40306"
},
{
"cve": "CVE-2023-37489",
"notes": [
{
"category": "description",
"text": "In SAP Software existieren mehrere Schwachstellen. Diese bestehen in den Komponenten ABAP Platform, Business Client, Business Objects Business Intelligence Platform, CommonCryptoLib, Content Server, Extended Application Services and Runtime (XSA), HANA Database, Host Agent, NetWeaver, PowerDesignerClient, Quotation Management Insurance, S/4HANA, S4CORE, SSOEXT, UI5 und Web Dispatcher. Zu den Ursachen z\u00e4hlen unter anderem Fehler in der Speicherverwaltung und fehlende Eingabepr\u00fcfungen. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren. Die Ausnutzung einiger dieser Schwachstellen erfordert eine Anmeldung oder eine Interaktion des Nutzers."
}
],
"product_status": {
"known_affected": [
"T016476"
]
},
"release_date": "2023-09-11T22:00:00.000+00:00",
"title": "CVE-2023-37489"
},
{
"cve": "CVE-2023-25616",
"notes": [
{
"category": "description",
"text": "In SAP Software existieren mehrere Schwachstellen. Diese bestehen in den Komponenten ABAP Platform, Business Client, Business Objects Business Intelligence Platform, CommonCryptoLib, Content Server, Extended Application Services and Runtime (XSA), HANA Database, Host Agent, NetWeaver, PowerDesignerClient, Quotation Management Insurance, S/4HANA, S4CORE, SSOEXT, UI5 und Web Dispatcher. Zu den Ursachen z\u00e4hlen unter anderem Fehler in der Speicherverwaltung und fehlende Eingabepr\u00fcfungen. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren. Die Ausnutzung einiger dieser Schwachstellen erfordert eine Anmeldung oder eine Interaktion des Nutzers."
}
],
"product_status": {
"known_affected": [
"T016476"
]
},
"release_date": "2023-09-11T22:00:00.000+00:00",
"title": "CVE-2023-25616"
},
{
"cve": "CVE-2023-24998",
"notes": [
{
"category": "description",
"text": "In SAP Software existieren mehrere Schwachstellen. Diese bestehen in den Komponenten ABAP Platform, Business Client, Business Objects Business Intelligence Platform, CommonCryptoLib, Content Server, Extended Application Services and Runtime (XSA), HANA Database, Host Agent, NetWeaver, PowerDesignerClient, Quotation Management Insurance, S/4HANA, S4CORE, SSOEXT, UI5 und Web Dispatcher. Zu den Ursachen z\u00e4hlen unter anderem Fehler in der Speicherverwaltung und fehlende Eingabepr\u00fcfungen. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren. Die Ausnutzung einiger dieser Schwachstellen erfordert eine Anmeldung oder eine Interaktion des Nutzers."
}
],
"product_status": {
"known_affected": [
"T016476"
]
},
"release_date": "2023-09-11T22:00:00.000+00:00",
"title": "CVE-2023-24998"
},
{
"cve": "CVE-2022-41272",
"notes": [
{
"category": "description",
"text": "In SAP Software existieren mehrere Schwachstellen. Diese bestehen in den Komponenten ABAP Platform, Business Client, Business Objects Business Intelligence Platform, CommonCryptoLib, Content Server, Extended Application Services and Runtime (XSA), HANA Database, Host Agent, NetWeaver, PowerDesignerClient, Quotation Management Insurance, S/4HANA, S4CORE, SSOEXT, UI5 und Web Dispatcher. Zu den Ursachen z\u00e4hlen unter anderem Fehler in der Speicherverwaltung und fehlende Eingabepr\u00fcfungen. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren. Die Ausnutzung einiger dieser Schwachstellen erfordert eine Anmeldung oder eine Interaktion des Nutzers."
}
],
"product_status": {
"known_affected": [
"T016476"
]
},
"release_date": "2023-09-11T22:00:00.000+00:00",
"title": "CVE-2022-41272"
},
{
"cve": "CVE-2021-41184",
"notes": [
{
"category": "description",
"text": "In SAP Software existieren mehrere Schwachstellen. Diese bestehen in den Komponenten ABAP Platform, Business Client, Business Objects Business Intelligence Platform, CommonCryptoLib, Content Server, Extended Application Services and Runtime (XSA), HANA Database, Host Agent, NetWeaver, PowerDesignerClient, Quotation Management Insurance, S/4HANA, S4CORE, SSOEXT, UI5 und Web Dispatcher. Zu den Ursachen z\u00e4hlen unter anderem Fehler in der Speicherverwaltung und fehlende Eingabepr\u00fcfungen. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren. Die Ausnutzung einiger dieser Schwachstellen erfordert eine Anmeldung oder eine Interaktion des Nutzers."
}
],
"product_status": {
"known_affected": [
"T016476"
]
},
"release_date": "2023-09-11T22:00:00.000+00:00",
"title": "CVE-2021-41184"
},
{
"cve": "CVE-2021-41183",
"notes": [
{
"category": "description",
"text": "In SAP Software existieren mehrere Schwachstellen. Diese bestehen in den Komponenten ABAP Platform, Business Client, Business Objects Business Intelligence Platform, CommonCryptoLib, Content Server, Extended Application Services and Runtime (XSA), HANA Database, Host Agent, NetWeaver, PowerDesignerClient, Quotation Management Insurance, S/4HANA, S4CORE, SSOEXT, UI5 und Web Dispatcher. Zu den Ursachen z\u00e4hlen unter anderem Fehler in der Speicherverwaltung und fehlende Eingabepr\u00fcfungen. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren. Die Ausnutzung einiger dieser Schwachstellen erfordert eine Anmeldung oder eine Interaktion des Nutzers."
}
],
"product_status": {
"known_affected": [
"T016476"
]
},
"release_date": "2023-09-11T22:00:00.000+00:00",
"title": "CVE-2021-41183"
},
{
"cve": "CVE-2021-41182",
"notes": [
{
"category": "description",
"text": "In SAP Software existieren mehrere Schwachstellen. Diese bestehen in den Komponenten ABAP Platform, Business Client, Business Objects Business Intelligence Platform, CommonCryptoLib, Content Server, Extended Application Services and Runtime (XSA), HANA Database, Host Agent, NetWeaver, PowerDesignerClient, Quotation Management Insurance, S/4HANA, S4CORE, SSOEXT, UI5 und Web Dispatcher. Zu den Ursachen z\u00e4hlen unter anderem Fehler in der Speicherverwaltung und fehlende Eingabepr\u00fcfungen. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren. Die Ausnutzung einiger dieser Schwachstellen erfordert eine Anmeldung oder eine Interaktion des Nutzers."
}
],
"product_status": {
"known_affected": [
"T016476"
]
},
"release_date": "2023-09-11T22:00:00.000+00:00",
"title": "CVE-2021-41182"
}
]
}
CVE-2023-25616 (GCVE-0-2023-25616)
Vulnerability from cvelistv5 – Published: 2023-03-14 04:41 – Updated: 2025-02-27 18:09
VLAI?
EPSS
Summary
In some scenario, SAP Business Objects Business Intelligence Platform (CMC) - versions 420, 430, Program Object execution can lead to code injection vulnerability which could allow an attacker to gain access to resources that are allowed by extra privileges. Successful attack could highly impact the confidentiality, Integrity, and Availability of the system.
Severity ?
9.9 (Critical)
CWE
- CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP | Business Objects Business Intelligence Platform (CMC) |
Affected:
420
Affected: 430 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:25:19.235Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/3245526"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25616",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-27T18:08:51.319369Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T18:09:04.335Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Business Objects Business Intelligence Platform (CMC)",
"vendor": "SAP",
"versions": [
{
"status": "affected",
"version": "420"
},
{
"status": "affected",
"version": "430"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn some scenario, SAP Business Objects Business Intelligence Platform (CMC) - versions 420, 430, Program Object\u00a0execution can lead to code injection vulnerability which could allow an attacker to gain access to resources that are allowed by extra privileges. Successful attack could highly impact the confidentiality, Integrity, and Availability of the system.\u003c/p\u003e"
}
],
"value": "In some scenario, SAP Business Objects Business Intelligence Platform (CMC) - versions 420, 430, Program Object\u00a0execution can lead to code injection vulnerability which could allow an attacker to gain access to resources that are allowed by extra privileges. Successful attack could highly impact the confidentiality, Integrity, and Availability of the system.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-11T21:28:38.999Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://launchpad.support.sap.com/#/notes/3245526"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Code Injection vulnerability in SAP Business Objects Business Intelligence Platform (CMC)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-25616",
"datePublished": "2023-03-14T04:41:28.901Z",
"dateReserved": "2023-02-09T13:30:50.223Z",
"dateUpdated": "2025-02-27T18:09:04.335Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37489 (GCVE-0-2023-37489)
Vulnerability from cvelistv5 – Published: 2023-09-12 00:55 – Updated: 2024-09-26 14:46
VLAI?
EPSS
Summary
Due to the lack of validation, SAP BusinessObjects Business Intelligence Platform (Version Management System) - version 403, permits an unauthenticated user to read the code snippet through the UI, which leads to low impact on confidentiality and no impact on the application's availability or integrity.
Severity ?
5.3 (Medium)
CWE
- CWE-209 - Generation of Error Message Containing Sensitive Information
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | SAP BusinessObjects Business Intelligence Platform (Version Management System) |
Affected:
430
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:16:30.312Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3352453"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37489",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T14:46:37.264526Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T14:46:51.880Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP BusinessObjects Business Intelligence Platform (Version Management System)",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "430"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDue to the lack of validation, SAP BusinessObjects Business Intelligence Platform (Version Management System) - version 403, permits an unauthenticated user to read the code snippet through the UI, which leads to low impact on confidentiality and no impact on the application\u0027s availability or integrity.\u003c/p\u003e"
}
],
"value": "Due to the lack of validation, SAP BusinessObjects Business Intelligence Platform (Version Management System) - version 403, permits an unauthenticated user to read the code snippet through the UI, which leads to low impact on confidentiality and no impact on the application\u0027s availability or integrity.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-209",
"description": "CWE-209: Generation of Error Message Containing Sensitive Information",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-12T00:55:46.173Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3352453"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Version Management System)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-37489",
"datePublished": "2023-09-12T00:55:46.173Z",
"dateReserved": "2023-07-06T14:57:18.509Z",
"dateUpdated": "2024-09-26T14:46:51.880Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41367 (GCVE-0-2023-41367)
Vulnerability from cvelistv5 – Published: 2023-09-12 01:59 – Updated: 2024-09-26 14:38
VLAI?
EPSS
Summary
Due to missing authentication check in webdynpro application, an unauthorized user in SAP NetWeaver (Guided Procedures) - version 7.50, can gain access to admin view of specific function anonymously. On successful exploitation of vulnerability under specific circumstances, attacker can view user’s email address. There is no integrity/availability impact.
Severity ?
5.3 (Medium)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | SAP NetWeaver (Guided Procedures) |
Affected:
7.50
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:01:34.282Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3348142"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41367",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T14:38:02.228553Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T14:38:15.247Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP NetWeaver (Guided Procedures)",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "7.50"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDue to missing authentication check in webdynpro application, an unauthorized user in SAP NetWeaver (Guided Procedures) - version 7.50, can gain access to admin view of specific function anonymously. On successful exploitation of vulnerability under specific circumstances, attacker can view user\u2019s email address. There is no integrity/availability impact.\u003c/p\u003e"
}
],
"value": "Due to missing authentication check in webdynpro application, an unauthorized user in SAP NetWeaver (Guided Procedures) - version 7.50, can gain access to admin view of specific function anonymously. On successful exploitation of vulnerability under specific circumstances, attacker can view user\u2019s email address. There is no integrity/availability impact.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306: Missing Authentication for Critical Function",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-12T01:59:55.915Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3348142"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Missing Authentication check in SAP NetWeaver (Guided Procedures)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-41367",
"datePublished": "2023-09-12T01:59:55.915Z",
"dateReserved": "2023-08-29T05:27:56.301Z",
"dateUpdated": "2024-09-26T14:38:15.247Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-40308 (GCVE-0-2023-40308)
Vulnerability from cvelistv5 – Published: 2023-09-12 01:21 – Updated: 2024-09-26 18:22
VLAI?
EPSS
Summary
SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any information.
Severity ?
7.5 (High)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| SAP_SE | SAP CommonCryptoLib |
Affected:
8
|
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:31:53.082Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3327896"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40308",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T14:46:05.348783Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T14:46:15.846Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP CommonCryptoLib",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "8"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "KERNEL",
"product": "SAP NetWeaver AS ABAP, SAP NetWeaver AS Java and ABAP Platform of S/4HANA on-premise",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "KERNEL 7.22"
},
{
"status": "affected",
"version": "KERNEL 7.53"
},
{
"status": "affected",
"version": "KERNEL 7.54"
},
{
"status": "affected",
"version": "KERNEL 7.77"
},
{
"status": "affected",
"version": "KERNEL 7.85"
},
{
"status": "affected",
"version": "KERNEL 7.89"
},
{
"status": "affected",
"version": "KERNEL 7.91"
},
{
"status": "affected",
"version": "KERNEL 7.92"
},
{
"status": "affected",
"version": "KERNEL 7.93"
},
{
"status": "affected",
"version": "KERNEL 8.04"
},
{
"status": "affected",
"version": "KERNEL64UC 7.22"
},
{
"status": "affected",
"version": "KERNEL64UC 7.22EXT"
},
{
"status": "affected",
"version": "KERNEL64UC 7.53"
},
{
"status": "affected",
"version": "KERNEL64UC 8.04"
},
{
"status": "affected",
"version": "KERNEL64NUC 7.22"
},
{
"status": "affected",
"version": "KERNEL64NUC 7.22EXT"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAP Web Dispatcher",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "7.22EXT"
},
{
"status": "affected",
"version": "7.53"
},
{
"status": "affected",
"version": "7.54"
},
{
"status": "affected",
"version": "7.77"
},
{
"status": "affected",
"version": "7.85"
},
{
"status": "affected",
"version": "7.89"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAP Content Server",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "6.50"
},
{
"status": "affected",
"version": "7.53"
},
{
"status": "affected",
"version": "7.54"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAP HANA Database",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "2.00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAP Host Agent",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "722"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAP Extended Application Services and Runtime (XSA)",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "SAP_EXTENDED_APP_SERVICES 1"
},
{
"status": "affected",
"version": "XS_ADVANCED_RUNTIME 1.00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAPSSOEXT",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "17"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSAP CommonCryptoLib\u00a0allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any information.\u003c/p\u003e"
}
],
"value": "SAP CommonCryptoLib\u00a0allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any information."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T18:22:53.534Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3327896"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Memory Corruption vulnerability in SAP CommonCryptoLib",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-40308",
"datePublished": "2023-09-12T01:21:15.083Z",
"dateReserved": "2023-08-14T07:36:04.796Z",
"dateUpdated": "2024-09-26T18:22:53.534Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-41272 (GCVE-0-2022-41272)
Vulnerability from cvelistv5 – Published: 2022-12-13 03:05 – Updated: 2025-04-21 15:32
VLAI?
EPSS
Summary
An unauthenticated attacker over the network can attach to an open interface exposed through JNDI by the User Defined Search (UDS) of SAP NetWeaver Process Integration (PI) - version 7.50 and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and data across the entire system. This allows the attacker to have full read access to user data, make limited modifications to user data, and degrade the performance of the system, leading to a high impact on confidentiality and a limited impact on the availability and integrity of the application.
Severity ?
9.9 (Critical)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP | NetWeaver Process Integration |
Affected:
7.50
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:42:43.986Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/3273480"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-41272",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-21T15:31:34.421682Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-21T15:32:01.208Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "NetWeaver Process Integration",
"vendor": "SAP",
"versions": [
{
"status": "affected",
"version": "7.50"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: white;\"\u003eAn unauthenticated attacker over the network can attach to an open interface exposed through JNDI by the User Defined Search (UDS) of SAP NetWeaver Process Integration (PI) - version 7.50 and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and data across the entire system. This allows the attacker to have full read access to user data, make limited modifications to user data, and degrade the performance of the system, leading to a high impact on confidentiality and a limited impact on the availability and integrity of the application.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "An unauthenticated attacker over the network can attach to an open interface exposed through JNDI by the User Defined Search (UDS) of SAP NetWeaver Process Integration (PI) - version 7.50 and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and data across the entire system. This allows the attacker to have full read access to user data, make limited modifications to user data, and degrade the performance of the system, leading to a high impact on confidentiality and a limited impact on the availability and integrity of the application.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-13T03:05:13.650Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://launchpad.support.sap.com/#/notes/3273480"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2022-41272",
"datePublished": "2022-12-13T03:05:13.650Z",
"dateReserved": "2022-09-21T16:20:14.951Z",
"dateUpdated": "2025-04-21T15:32:01.208Z",
"requesterUserId": "048f1e0a-8756-40de-bd1f-51292c7183c7",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-40621 (GCVE-0-2023-40621)
Vulnerability from cvelistv5 – Published: 2023-09-12 02:10 – Updated: 2024-09-25 15:25
VLAI?
EPSS
Summary
SAP PowerDesigner Client - version 16.7, allows an unauthenticated attacker to inject VBScript code in a document and have it opened by an unsuspecting user, to have it executed by the application on behalf of the user. The application has a security option to disable or prompt users before untrusted scripts are executed, but this is not set as default.
Severity ?
6.3 (Medium)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | SAP PowerDesigner Client |
Affected:
16.7
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:38:50.977Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3357163"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40621",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T15:03:57.473341Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T15:25:02.097Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP PowerDesigner Client",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "16.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SAP PowerDesigner Client - version 16.7, allows an unauthenticated attacker to inject VBScript code in a document and have it opened by an unsuspecting user, to have it executed by the application on behalf of the user. The application has a security option to disable or prompt users before untrusted scripts are executed, but this is not set as default."
}
],
"value": "SAP PowerDesigner Client - version 16.7, allows an unauthenticated attacker to inject VBScript code in a document and have it opened by an unsuspecting user, to have it executed by the application on behalf of the user. The application has a security option to disable or prompt users before untrusted scripts are executed, but this is not set as default."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-12T02:10:22.051Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"url": "https://me.sap.com/notes/3357163"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Code Injection vulnerability in SAP PowerDesigner Client",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-40621",
"datePublished": "2023-09-12T02:10:22.051Z",
"dateReserved": "2023-08-17T18:10:44.965Z",
"dateUpdated": "2024-09-25T15:25:02.097Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-41182 (GCVE-0-2021-41182)
Vulnerability from cvelistv5 – Published: 2021-10-26 00:00 – Updated: 2025-02-13 16:28
VLAI?
EPSS
Summary
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.
Severity ?
6.5 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:59:31.655Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/jquery/jquery-ui/security/advisories/GHSA-9gj3-hwp5-pmwc"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/jquery/jquery-ui/pull/1954/commits/6809ce843e5ac4128108ea4c15cbc100653c2b63"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/"
},
{
"name": "FEDORA-2021-51c256bf87",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/"
},
{
"name": "FEDORA-2021-ab38307fc3",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/"
},
{
"name": "FEDORA-2021-013ab302be",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/"
},
{
"name": "[debian-lts-announce] 20220119 [SECURITY] [DLA-2889-1] drupal7 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.drupal.org/sa-core-2022-002"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20211118-0004/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.drupal.org/sa-contrib-2022-004"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2022-09"
},
{
"name": "FEDORA-2022-9d655503ea",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/"
},
{
"name": "FEDORA-2022-bf18450366",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "jquery-ui",
"vendor": "jquery",
"versions": [
{
"status": "affected",
"version": "\u003c 1.13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-31T02:06:24.588Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"url": "https://github.com/jquery/jquery-ui/security/advisories/GHSA-9gj3-hwp5-pmwc"
},
{
"url": "https://github.com/jquery/jquery-ui/pull/1954/commits/6809ce843e5ac4128108ea4c15cbc100653c2b63"
},
{
"url": "https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/"
},
{
"name": "FEDORA-2021-51c256bf87",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/"
},
{
"name": "FEDORA-2021-ab38307fc3",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/"
},
{
"name": "FEDORA-2021-013ab302be",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/"
},
{
"name": "[debian-lts-announce] 20220119 [SECURITY] [DLA-2889-1] drupal7 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html"
},
{
"url": "https://www.drupal.org/sa-core-2022-002"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20211118-0004/"
},
{
"url": "https://www.drupal.org/sa-contrib-2022-004"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"url": "https://www.tenable.com/security/tns-2022-09"
},
{
"name": "FEDORA-2022-9d655503ea",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/"
},
{
"name": "FEDORA-2022-bf18450366",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"
}
],
"source": {
"advisory": "GHSA-9gj3-hwp5-pmwc",
"discovery": "UNKNOWN"
},
"title": "XSS in the `altField` option of the Datepicker widget"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-41182",
"datePublished": "2021-10-26T00:00:00.000Z",
"dateReserved": "2021-09-15T00:00:00.000Z",
"dateUpdated": "2025-02-13T16:28:30.239Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-40623 (GCVE-0-2023-40623)
Vulnerability from cvelistv5 – Published: 2023-09-12 02:02 – Updated: 2024-09-25 15:28
VLAI?
EPSS
Summary
SAP BusinessObjects Suite Installer - version 420, 430, allows an attacker within the network to create a directory under temporary directory and link it to a directory with operating system files. On successful exploitation the attacker can delete all the operating system files causing a limited impact on integrity and completely compromising the availability of the system.
Severity ?
6.2 (Medium)
CWE
- CWE-1386 - Insecure Operation on Windows Junction / Mount Point
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | SAP BusinessObjects Suite (Installer) |
Affected:
420
Affected: 430 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:38:51.035Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3317702"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40623",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T15:04:33.771211Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T15:28:05.273Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP BusinessObjects Suite (Installer)",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "420"
},
{
"status": "affected",
"version": "430"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSAP BusinessObjects Suite\u00a0Installer - version 420, 430, allows an attacker within the network to create a directory under temporary directory and link it to a directory with operating system files. On successful exploitation the attacker can delete all the operating system files causing a limited impact on integrity and completely compromising the availability of the system.\u003c/p\u003e"
}
],
"value": "SAP BusinessObjects Suite\u00a0Installer - version 420, 430, allows an attacker within the network to create a directory under temporary directory and link it to a directory with operating system files. On successful exploitation the attacker can delete all the operating system files causing a limited impact on integrity and completely compromising the availability of the system.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1386",
"description": "CWE-1386: Insecure Operation on Windows Junction / Mount Point",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-12T02:02:38.194Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3317702"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Arbitrary File Delete via Directory Junction in SAP BusinessObjects Suite(installer)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-40623",
"datePublished": "2023-09-12T02:02:38.194Z",
"dateReserved": "2023-08-17T18:10:44.966Z",
"dateUpdated": "2024-09-25T15:28:05.273Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-41183 (GCVE-0-2021-41183)
Vulnerability from cvelistv5 – Published: 2021-10-26 00:00 – Updated: 2025-02-13 16:28
VLAI?
EPSS
Summary
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources.
Severity ?
6.5 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:08:31.304Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/jquery/jquery-ui/security/advisories/GHSA-j7qv-pgf6-hvh4"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/jquery/jquery-ui/pull/1953"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugs.jqueryui.com/ticket/15284"
},
{
"name": "FEDORA-2021-51c256bf87",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/"
},
{
"name": "FEDORA-2021-ab38307fc3",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/"
},
{
"name": "FEDORA-2021-013ab302be",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/"
},
{
"name": "[debian-lts-announce] 20220119 [SECURITY] [DLA-2889-1] drupal7 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.drupal.org/sa-core-2022-002"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20211118-0004/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.drupal.org/sa-contrib-2022-004"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.drupal.org/sa-core-2022-001"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2022-09"
},
{
"name": "FEDORA-2022-9d655503ea",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/"
},
{
"name": "FEDORA-2022-bf18450366",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "jquery-ui",
"vendor": "jquery",
"versions": [
{
"status": "affected",
"version": "\u003c 1.13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-31T02:06:53.562Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"url": "https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/"
},
{
"url": "https://github.com/jquery/jquery-ui/security/advisories/GHSA-j7qv-pgf6-hvh4"
},
{
"url": "https://github.com/jquery/jquery-ui/pull/1953"
},
{
"url": "https://bugs.jqueryui.com/ticket/15284"
},
{
"name": "FEDORA-2021-51c256bf87",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/"
},
{
"name": "FEDORA-2021-ab38307fc3",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/"
},
{
"name": "FEDORA-2021-013ab302be",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/"
},
{
"name": "[debian-lts-announce] 20220119 [SECURITY] [DLA-2889-1] drupal7 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html"
},
{
"url": "https://www.drupal.org/sa-core-2022-002"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20211118-0004/"
},
{
"url": "https://www.drupal.org/sa-contrib-2022-004"
},
{
"url": "https://www.drupal.org/sa-core-2022-001"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"url": "https://www.tenable.com/security/tns-2022-09"
},
{
"name": "FEDORA-2022-9d655503ea",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/"
},
{
"name": "FEDORA-2022-bf18450366",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"
}
],
"source": {
"advisory": "GHSA-j7qv-pgf6-hvh4",
"discovery": "UNKNOWN"
},
"title": "XSS in `*Text` options of the Datepicker widget"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-41183",
"datePublished": "2021-10-26T00:00:00.000Z",
"dateReserved": "2021-09-15T00:00:00.000Z",
"dateUpdated": "2025-02-13T16:28:30.803Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-40309 (GCVE-0-2023-40309)
Vulnerability from cvelistv5 – Published: 2023-09-12 02:21 – Updated: 2024-09-28 22:10
VLAI?
EPSS
Summary
SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong authorization checks for an authenticated user, resulting in escalation of privileges. Depending on the application and the level of privileges acquired, an attacker could abuse functionality restricted to a particular user group as well as read, modify or delete restricted data.
Severity ?
9.8 (Critical)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| SAP_SE | SAP CommonCryptoLib |
Affected:
8
|
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:31:53.172Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3340576"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40309",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T14:26:09.938156Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T14:26:24.862Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP CommonCryptoLib",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAP NetWeaver AS ABAP, SAP NetWeaver AS Java and ABAP Platform of S/4HANA on-premise",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "KERNEL 7.22"
},
{
"status": "affected",
"version": "KERNEL 7.53"
},
{
"status": "affected",
"version": "KERNEL 7.54"
},
{
"status": "affected",
"version": "KERNEL 7.77"
},
{
"status": "affected",
"version": "KERNEL 7.85"
},
{
"status": "affected",
"version": "KERNEL 7.89"
},
{
"status": "affected",
"version": "KERNEL 7.91"
},
{
"status": "affected",
"version": "KERNEL 7.92"
},
{
"status": "affected",
"version": "KERNEL 7.93"
},
{
"status": "affected",
"version": "KERNEL 8.04"
},
{
"status": "affected",
"version": "KERNEL64UC 7.22"
},
{
"status": "affected",
"version": "KERNEL64UC 7.22EXT"
},
{
"status": "affected",
"version": "KERNEL64UC 7.53"
},
{
"status": "affected",
"version": "KERNEL64UC 8.04"
},
{
"status": "affected",
"version": "KERNEL64NUC 7.22"
},
{
"status": "affected",
"version": "KERNEL64NUC 7.22EXT"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAP Web Dispatcher",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "7.22EXT"
},
{
"status": "affected",
"version": "7.53"
},
{
"status": "affected",
"version": "7.54"
},
{
"status": "affected",
"version": "7.77"
},
{
"status": "affected",
"version": "7.85"
},
{
"status": "affected",
"version": "7.89"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAP Content Server",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "6.50"
},
{
"status": "affected",
"version": "7.53"
},
{
"status": "affected",
"version": "7.54"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAP HANA Database",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "2.00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAP Host Agent",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "722"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAP Extended Application Services and Runtime (XSA)",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "SAP_EXTENDED_APP_SERVICES 1"
},
{
"status": "affected",
"version": "XS_ADVANCED_RUNTIME 1.00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAPSSOEXT",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "17"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong authorization checks for an authenticated user, resulting in escalation of privileges. Depending on the application and the level of privileges acquired,\u00a0an attacker could abuse functionality restricted to a particular user group as well as read, modify or delete restricted data.\u003c/p\u003e"
}
],
"value": "SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong authorization checks for an authenticated user, resulting in escalation of privileges. Depending on the application and the level of privileges acquired,\u00a0an attacker could abuse functionality restricted to a particular user group as well as read, modify or delete restricted data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-28T22:10:46.845Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3340576"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Missing Authorization check in SAP CommonCryptoLib",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-40309",
"datePublished": "2023-09-12T02:21:19.058Z",
"dateReserved": "2023-08-14T07:36:04.796Z",
"dateUpdated": "2024-09-28T22:10:46.845Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24998 (GCVE-0-2023-24998)
Vulnerability from cvelistv5 – Published: 2023-02-20 15:57 – Updated: 2025-11-03 21:47
VLAI?
EPSS
Summary
Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads.
Note that, like all of the file upload limits, the
new configuration option (FileUploadBase#setFileCountMax) is not
enabled by default and must be explicitly configured.
Severity ?
No CVSS data available.
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Apache Software Foundation | Apache Commons FileUpload |
Affected:
0 , < 1.5
(semver)
|
|||||||
|
|||||||||
Credits
Jakob Ackermann
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:47:24.224Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20230302-0013/"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/4xl4l09mhwg4vgsk7dxqogcjrobrrdoy"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/05/22/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202305-37"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5522"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00008.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20241108-0002/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Commons FileUpload",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "1.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Apache Tomcat",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "11.0.0-M1"
},
{
"lessThanOrEqual": "10.1.4",
"status": "affected",
"version": "10.0.0-M1",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.0.70",
"status": "affected",
"version": "9.0.0-M1",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.5.84",
"status": "affected",
"version": "8.5.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jakob Ackermann"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eApache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eNote that, like all of the file upload limits, the\n new configuration option (FileUploadBase#setFileCountMax) is not\n enabled by default and must be explicitly configured.\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads.\n\n\n\n\nNote that, like all of the file upload limits, the\n new configuration option (FileUploadBase#setFileCountMax) is not\n enabled by default and must be explicitly configured."
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-13T15:06:16.472Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/4xl4l09mhwg4vgsk7dxqogcjrobrrdoy"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/05/22/1"
},
{
"url": "https://security.gentoo.org/glsa/202305-37"
},
{
"url": "https://www.debian.org/security/2023/dsa-5522"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache Commons FileUpload, Apache Tomcat: FileUpload DoS with excessive parts",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2023-24998",
"datePublished": "2023-02-20T15:57:07.372Z",
"dateReserved": "2023-02-01T10:32:05.492Z",
"dateUpdated": "2025-11-03T21:47:24.224Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2021-41184 (GCVE-0-2021-41184)
Vulnerability from cvelistv5 – Published: 2021-10-26 00:00 – Updated: 2025-11-04 16:09
VLAI?
EPSS
Summary
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources.
Severity ?
6.5 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:09:17.971Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/jquery/jquery-ui/security/advisories/GHSA-gpqq-952q-5327"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/jquery/jquery-ui/commit/effa323f1505f2ce7a324e4f429fa9032c72f280"
},
{
"name": "FEDORA-2021-51c256bf87",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/"
},
{
"name": "FEDORA-2021-ab38307fc3",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/"
},
{
"name": "FEDORA-2021-013ab302be",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20211118-0004/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.drupal.org/sa-core-2022-001"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2022-09"
},
{
"name": "FEDORA-2022-9d655503ea",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/"
},
{
"name": "FEDORA-2022-bf18450366",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Aug/37"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "jquery-ui",
"vendor": "jquery",
"versions": [
{
"status": "affected",
"version": "\u003c 1.13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-31T02:06:17.867Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"url": "https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/"
},
{
"url": "https://github.com/jquery/jquery-ui/security/advisories/GHSA-gpqq-952q-5327"
},
{
"url": "https://github.com/jquery/jquery-ui/commit/effa323f1505f2ce7a324e4f429fa9032c72f280"
},
{
"name": "FEDORA-2021-51c256bf87",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/"
},
{
"name": "FEDORA-2021-ab38307fc3",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/"
},
{
"name": "FEDORA-2021-013ab302be",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20211118-0004/"
},
{
"url": "https://www.drupal.org/sa-core-2022-001"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"url": "https://www.tenable.com/security/tns-2022-09"
},
{
"name": "FEDORA-2022-9d655503ea",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/"
},
{
"name": "FEDORA-2022-bf18450366",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"
}
],
"source": {
"advisory": "GHSA-gpqq-952q-5327",
"discovery": "UNKNOWN"
},
"title": "XSS in the `of` option of the `.position()` util"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-41184",
"datePublished": "2021-10-26T00:00:00.000Z",
"dateReserved": "2021-09-15T00:00:00.000Z",
"dateUpdated": "2025-11-04T16:09:17.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-40306 (GCVE-0-2023-40306)
Vulnerability from cvelistv5 – Published: 2023-09-08 21:05 – Updated: 2024-09-25 20:04
VLAI?
EPSS
Summary
SAP S/4HANA Manage Catalog Items and Cross-Catalog searches Fiori apps allow an attacker to redirect users to a malicious site due to insufficient URL validation. As a result, it may have a slight impact on confidentiality and integrity.
Severity ?
6.1 (Medium)
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP S/4HANA (Manage Catalog Items and Cross-Catalog search) |
Affected:
103
Affected: 104 Affected: 105 Affected: 106 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:31:53.228Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3156972"
},
{
"tags": [
"x_transferred"
],
"url": "https://https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40306",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T16:23:35.256167Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T20:04:01.418Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP S/4HANA (Manage Catalog Items and Cross-Catalog search)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "103"
},
{
"status": "affected",
"version": "104"
},
{
"status": "affected",
"version": "105"
},
{
"status": "affected",
"version": "106"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SAP S/4HANA Manage Catalog Items and Cross-Catalog searches Fiori apps allow an attacker to redirect users to a malicious site due to insufficient URL validation. As a result, it may have a slight impact on confidentiality and integrity."
}
],
"value": "SAP S/4HANA Manage Catalog Items and Cross-Catalog searches Fiori apps allow an attacker to redirect users to a malicious site due to insufficient URL validation. As a result, it may have a slight impact on confidentiality and integrity."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-12T01:55:37.558Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3156972"
},
{
"url": "https://https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "URL Redirection vulnerability in SAP S/4HANA (Manage Catalog Items and Cross-Catalog search)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-40306",
"datePublished": "2023-09-08T21:05:24.877Z",
"dateReserved": "2023-08-14T07:36:04.796Z",
"dateUpdated": "2024-09-25T20:04:01.418Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-40625 (GCVE-0-2023-40625)
Vulnerability from cvelistv5 – Published: 2023-09-12 02:00 – Updated: 2024-09-25 15:28
VLAI?
EPSS
Summary
S4CORE (Manage Purchase Contracts App) - versions 102, 103, 104, 105, 106, 107, does not perform necessary authorization checks for an authenticated user. This could allow an attacker to perform unintended actions resulting in escalation of privileges which has low impact on confidentiality and integrity with no impact on availibility of the system.
Severity ?
5.4 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | SAP Manage Purchase Contracts App |
Affected:
S4CORE 102
Affected: S4CORE 103 Affected: S4CORE 104 Affected: S4CORE 105 Affected: S4CORE 106 Affected: S4CORE 107 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:38:51.007Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3326361"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40625",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T15:06:14.215597Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T15:28:24.390Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP Manage Purchase Contracts App",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "S4CORE 102"
},
{
"status": "affected",
"version": "S4CORE 103"
},
{
"status": "affected",
"version": "S4CORE 104"
},
{
"status": "affected",
"version": "S4CORE 105"
},
{
"status": "affected",
"version": "S4CORE 106"
},
{
"status": "affected",
"version": "S4CORE 107"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eS4CORE (Manage Purchase Contracts App) - versions 102, 103, 104, 105, 106, 107, does not perform necessary authorization checks for an authenticated user. This could allow an attacker to perform unintended actions resulting in escalation of privileges which has low impact on confidentiality and integrity with no impact on availibility of the system.\u003c/p\u003e"
}
],
"value": "S4CORE (Manage Purchase Contracts App) - versions 102, 103, 104, 105, 106, 107, does not perform necessary authorization checks for an authenticated user. This could allow an attacker to perform unintended actions resulting in escalation of privileges which has low impact on confidentiality and integrity with no impact on availibility of the system.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-12T02:00:13.727Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3326361"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Missing Authorization check in SAP Manage Purchase Contracts App",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-40625",
"datePublished": "2023-09-12T02:00:13.727Z",
"dateReserved": "2023-08-17T18:10:44.968Z",
"dateUpdated": "2024-09-25T15:28:24.390Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-42472 (GCVE-0-2023-42472)
Vulnerability from cvelistv5 – Published: 2023-09-12 01:58 – Updated: 2024-09-26 14:44
VLAI?
EPSS
Summary
Due to insufficient file type validation, SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface) - version 420, allows a report creator to upload files from local system into the report over the network. When uploading the image file, an authenticated attacker could intercept the request, modify the content type and the extension to read and modify sensitive data causing a high impact on confidentiality and integrity of the application.
Severity ?
8.7 (High)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface) |
Affected:
420
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:38.893Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3370490"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42472",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T14:43:02.622081Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T14:44:15.752Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface)",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "420"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDue to insufficient file type validation, SAP BusinessObjects\u00a0Business Intelligence Platform (Web Intelligence HTML interface) - version 420, allows a report creator to upload files from local system into the report over the network. When uploading the image file, an authenticated attacker could intercept the request, modify the content type and the extension to read and modify sensitive data causing a high impact on confidentiality and integrity of the application.\u003c/p\u003e"
}
],
"value": "Due to insufficient file type validation, SAP BusinessObjects\u00a0Business Intelligence Platform (Web Intelligence HTML interface) - version 420, allows a report creator to upload files from local system into the report over the network. When uploading the image file, an authenticated attacker could intercept the request, modify the content type and the extension to read and modify sensitive data causing a high impact on confidentiality and integrity of the application.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434: Unrestricted Upload of File with Dangerous Type",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-12T01:58:32.439Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3370490"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Insufficient File type validation in SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-42472",
"datePublished": "2023-09-12T01:58:32.439Z",
"dateReserved": "2023-09-11T07:15:13.774Z",
"dateUpdated": "2024-09-26T14:44:15.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41369 (GCVE-0-2023-41369)
Vulnerability from cvelistv5 – Published: 2023-09-12 01:59 – Updated: 2024-09-25 15:33
VLAI?
EPSS
Summary
The Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, 107, 108, allows an attacker to upload the XML file as an attachment. When clicked on the XML file in the attachment section, the file gets opened in the browser to cause the entity loops to slow down the browser.
Severity ?
CWE
- CWE-611 - Improper Restriction of XML External Entity Reference
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | SAP S/4HANA (Create Single Payment application) |
Affected:
100
Affected: 101 Affected: 102 Affected: 103 Affected: 104 Affected: 105 Affected: 106 Affected: 107 Affected: 108 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:01:34.245Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3369680"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41369",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T15:11:16.316030Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T15:33:02.395Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP S/4HANA (Create Single Payment application)",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "100"
},
{
"status": "affected",
"version": "101"
},
{
"status": "affected",
"version": "102"
},
{
"status": "affected",
"version": "103"
},
{
"status": "affected",
"version": "104"
},
{
"status": "affected",
"version": "105"
},
{
"status": "affected",
"version": "106"
},
{
"status": "affected",
"version": "107"
},
{
"status": "affected",
"version": "108"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe Create Single Payment application of SAP S/4HANA\u00a0- versions 100, 101, 102, 103, 104, 105, 106, 107, 108, allows an attacker to upload the XML file as an attachment.\u00a0When clicked on the XML file in the attachment section, the file gets opened in the browser to cause the\u00a0entity loops to slow down the browser.\u003c/p\u003e"
}
],
"value": "The Create Single Payment application of SAP S/4HANA\u00a0- versions 100, 101, 102, 103, 104, 105, 106, 107, 108, allows an attacker to upload the XML file as an attachment.\u00a0When clicked on the XML file in the attachment section, the file gets opened in the browser to cause the\u00a0entity loops to slow down the browser.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611: Improper Restriction of XML External Entity Reference",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-12T01:59:03.570Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3369680"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "External Entity Loop vulnerability in SAP S/4HANA (Create Single Payment application)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-41369",
"datePublished": "2023-09-12T01:59:03.570Z",
"dateReserved": "2023-08-29T05:27:56.301Z",
"dateUpdated": "2024-09-25T15:33:02.395Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41368 (GCVE-0-2023-41368)
Vulnerability from cvelistv5 – Published: 2023-09-12 01:59 – Updated: 2024-09-26 16:04
VLAI?
EPSS
Summary
The OData service of the S4 HANA (Manage checkbook apps) - versions 102, 103, 104, 105, 106, 107, allows an attacker to change the checkbook name by simulating an update OData call.
Severity ?
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | S4 HANA ABAP (Manage checkbook apps) |
Affected:
102
Affected: 103 Affected: 104 Affected: 105 Affected: 106 Affected: 107 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:01:35.327Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3355675"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41368",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T16:02:46.199952Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T16:04:32.037Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "S4 HANA ABAP (Manage checkbook apps)",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "102"
},
{
"status": "affected",
"version": "103"
},
{
"status": "affected",
"version": "104"
},
{
"status": "affected",
"version": "105"
},
{
"status": "affected",
"version": "106"
},
{
"status": "affected",
"version": "107"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe OData service of the S4 HANA (Manage checkbook apps) - versions 102, 103, 104, 105, 106, 107, allows an attacker to change the checkbook name by simulating an update OData call.\u003c/p\u003e"
}
],
"value": "The OData service of the S4 HANA (Manage checkbook apps) - versions 102, 103, 104, 105, 106, 107, allows an attacker to change the checkbook name by simulating an update OData call.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639: Authorization Bypass Through User-Controlled Key",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-12T01:59:39.205Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3355675"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Insecure Direct Object Reference (IDOR) vulnerability in S4 HANA (Manage checkbook apps)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-41368",
"datePublished": "2023-09-12T01:59:39.205Z",
"dateReserved": "2023-08-29T05:27:56.301Z",
"dateUpdated": "2024-09-26T16:04:32.037Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-40624 (GCVE-0-2023-40624)
Vulnerability from cvelistv5 – Published: 2023-09-12 02:00 – Updated: 2024-09-25 20:15
VLAI?
EPSS
Summary
SAP NetWeaver AS ABAP (applications based on Unified Rendering) - versions SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, SAP_UI 758, SAP_BASIS 702, SAP_BASIS 731, allows an attacker to inject JavaScript code that can be executed in the web-application. An attacker could thereby control the behavior of this web-application.
Severity ?
5.5 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | SAP NetWeaver AS ABAP (applications based on Unified Rendering) |
Affected:
SAP_UI 754
Affected: SAP_UI 755 Affected: SAP_UI 756 Affected: SAP_UI 757 Affected: SAP_UI 758 Affected: SAP_BASIS 702 Affected: SAP_BASIS 731 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:38:51.028Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3323163"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40624",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T15:04:43.441539Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T20:15:00.246Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP NetWeaver AS ABAP (applications based on Unified Rendering)",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "SAP_UI 754"
},
{
"status": "affected",
"version": "SAP_UI 755"
},
{
"status": "affected",
"version": "SAP_UI 756"
},
{
"status": "affected",
"version": "SAP_UI 757"
},
{
"status": "affected",
"version": "SAP_UI 758"
},
{
"status": "affected",
"version": "SAP_BASIS 702"
},
{
"status": "affected",
"version": "SAP_BASIS 731"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSAP NetWeaver AS ABAP (applications based on Unified Rendering)\u00a0- versions SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, SAP_UI 758, SAP_BASIS 702, SAP_BASIS 731, allows an attacker to inject JavaScript code that can be executed in the web-application. An attacker could thereby control the behavior of this web-application.\u003c/p\u003e"
}
],
"value": "SAP NetWeaver AS ABAP (applications based on Unified Rendering)\u00a0- versions SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, SAP_UI 758, SAP_BASIS 702, SAP_BASIS 731, allows an attacker to inject JavaScript code that can be executed in the web-application. An attacker could thereby control the behavior of this web-application.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-12T02:00:30.824Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3323163"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Code Injection vulnerability in SAP NetWeaver AS ABAP (applications based on Unified Rendering)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-40624",
"datePublished": "2023-09-12T02:00:30.824Z",
"dateReserved": "2023-08-17T18:10:44.966Z",
"dateUpdated": "2024-09-25T20:15:00.246Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-40622 (GCVE-0-2023-40622)
Vulnerability from cvelistv5 – Published: 2023-09-12 02:03 – Updated: 2024-09-28 22:11
VLAI?
EPSS
Summary
SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430, under certain condition allows an authenticated attacker to view sensitive information which is otherwise restricted. On successful exploitation, the attacker can completely compromise the application causing high impact on confidentiality, integrity, and availability.
Severity ?
9.9 (Critical)
CWE
- CWE-732 - Incorrect Permission Assignment for Critical Resource
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | SAP BusinessObjects Business Intelligence Platform (Promotion Management) |
Affected:
420
Affected: 430 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:38:50.992Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3320355"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40622",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T14:26:55.780411Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T14:27:06.678Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP BusinessObjects Business Intelligence Platform (Promotion Management)",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "420"
},
{
"status": "affected",
"version": "430"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430, under certain condition allows an authenticated attacker to view sensitive information which is otherwise restricted. On successful exploitation, the attacker can completely compromise the application causing high impact on confidentiality, integrity, and availability.\u003c/p\u003e"
}
],
"value": "SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430, under certain condition allows an authenticated attacker to view sensitive information which is otherwise restricted. On successful exploitation, the attacker can completely compromise the application causing high impact on confidentiality, integrity, and availability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732: Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-28T22:11:29.586Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3320355"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Promotion Management)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-40622",
"datePublished": "2023-09-12T02:03:05.907Z",
"dateReserved": "2023-08-17T18:10:44.965Z",
"dateUpdated": "2024-09-28T22:11:29.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…