CVE-2023-49580

Name of the Vulnerable Software and Affected Versions SAP GUI for Windows and SAP GUI for Java - versions SAP BASIS 755, SAP BASIS 756, SAP BASIS 757, SAP BASIS 758

Description The issue allows an unauthenticated attacker to access information which would otherwise be restricted and confidential. Additionally, it enables the attacker to create Layout configurations of the ABAP List Viewer, causing a mild impact on integrity and availability, such as increasing the response times of the AS ABAP.

Recommendations For versions SAP BASIS 755, SAP BASIS 756, SAP BASIS 757, SAP BASIS 758, consider restricting access to the ABAP List Viewer to minimize the risk of exploitation until a patch is available. As a temporary workaround, consider disabling the creation of Layout configurations in the ABAP List Viewer to prevent integrity and availability impacts. At the moment, there is no information about a newer version that contains a fix for this vulnerability.