CVE-2023-23855

Name of the Vulnerable Software and Affected Versions SAP Solution Manager version 720

Description The issue allows an authenticated attacker to redirect users to a malicious site due to insufficient URL validation. A successful attack could lead an attacker to read or modify the information or expose the user to a phishing attack, resulting in a low impact to confidentiality, integrity, and availability.

Recommendations For SAP Solution Manager version 720, update to a version that includes sufficient URL validation to prevent redirection to malicious sites. As a temporary workaround, consider restricting access to sensitive information and implementing additional phishing protections until a patch is available.