PT-2023-27929 · Sap · Sap Netweaver Application Server Abap
Published
2023-11-14
·
Updated
2023-11-20
·
CVE-2023-41366
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
SAP NetWeaver Application Server ABAP versions KERNEL 7.22 through KERNEL 7.94, KERNEL64UC 7.22 through KERNEL64UC 7.53, KERNEL64NUC 7.22 through KERNEL64NUC 7.22EXT
Description
The issue allows an unauthenticated attacker to access unintended data due to a lack of restrictions, which may lead to low impact in confidentiality and no impact on the integrity and availability of the application.
Recommendations
For SAP NetWeaver Application Server ABAP versions KERNEL 7.22 through KERNEL 7.94, KERNEL64UC 7.22 through KERNEL64UC 7.53, KERNEL64NUC 7.22 through KERNEL64NUC 7.22EXT, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sap Netweaver Application Server Abap