CVE-2023-29111

Name of the Vulnerable Software and Affected Versions SAP AIF (ODATA service) versions 755, 756

Description The SAP AIF (ODATA service) discloses more detailed information than is required. An authorized attacker can use the collected information possibly to exploit the component, causing a low impact on the confidentiality of the application.

Recommendations For versions 755 and 756, consider restricting access to sensitive information to minimize the risk of exploitation until a fix is available. As a temporary workaround, consider disabling the ODATA service until a patch is available. Restrict access to the SAP AIF component to minimize the risk of exploitation.