PT-2023-31268 · Sap · Sap Solution Manager

Published

2023-12-11

Updated

2023-12-14

CVE-2023-49587

CVSS v3.1

6.4

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions SAP Solution Manager version 720

Description The issue allows an authorized attacker to execute certain deprecated function modules, which can read or modify data of the same or other components without user interaction over the network.

Recommendations For SAP Solution Manager version 720, consider restricting access to deprecated function modules to minimize the risk of exploitation. As a temporary workaround, disabling the execution of these deprecated function modules can help until a more permanent solution is available.

Fix

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-77

Related Identifiers

CVE-2023-49587

Affected Products

Sap Solution Manager

PT-2023-31268 · Sap · Sap Solution Manager

CVE-2023-49587

Weakness Enumeration

Related Identifiers

Affected Products

References · 6