PT-2023-31263 · SAP · SAP Cloud Connector

Published: 2023-12-11 · Updated: 2024-09-28 · CVE-2023-49578

CVSS v3.1: 3.5 (Low)

Vector: AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions

SAP Cloud Connector version 2.0

Description

The issue allows an authenticated user with low privilege to perform a Denial of Service attack from an adjacent UI by sending a malicious request. This leads to a low impact on the availability of the application, with no impact on confidentiality or integrity.

Recommendations

For SAP Cloud Connector version 2.0, consider restricting access to the UI to minimize the risk of exploitation until a patch is available. As a temporary workaround, limit the ability of low-privilege users to send malicious requests to adjacent UI components.

Fix

Incorrect Permission

Weakness Enumeration

Related Identifiers

CVE-2023-49578

Affected Products

SAP Cloud Connector