PT-2023-7890 · SAP · SAP BTP Security Services Integration Library
Rosenblueh · Published 2023-12-11 · Updated 2024-09-28 · CVE-2023-50422
CVSS v2.0: 9.4 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:N
Name of the Vulnerable Software and Affected Versions
SAP BTP Security Services Integration Library versions below 2.17.0
SAP BTP Security Services Integration Library versions from 3.0.0 to before 3.3.0
Description
The issue is related to insecure privilege management in the SAP BTP Security Services Integration Library, allowing an unauthenticated attacker to obtain arbitrary permissions within the application under certain conditions. On successful exploitation, this can lead to an escalation of privileges.
Recommendations
For versions below 2.17.0, upgrade to version 2.17.0 or later.
For versions from 3.0.0 to before 3.3.0, upgrade to version 3.3.0 or later.
It is recommended to upgrade to the latest released version to ensure all security patches are applied.
Fix
IDOR
Improper Privilege Management
Related identifiers
Affected products
SAP BTP Security Services Integration Library