CVE-2023-25615

🗓️ 14 Mar 2023 04:40:25Reported by sapType

Insufficient input sanitization in SAP ABAP versions 751, 753, 754, 756, 757, 791 allows authenticated high privileged user to inject malicious DB queries over network, leading to unauthorized data access

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2023-25615	14 Mar 202312:54	–	circl
CNNVD	SAP ABAP Platform SQL注入漏洞	14 Mar 202300:00	–	cnnvd
Cvelist	CVE-2023-25615 SQL Injection vulnerability in SAP ABAP Platform	14 Mar 202304:40	–	cvelist
EUVD	EUVD-2023-29555	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in SAP products	14 Mar 202300:00	–	ncsc
NVD	CVE-2023-25615	14 Mar 202305:15	–	nvd
OSV	CVE-2023-25615	14 Mar 202305:15	–	osv
Prion	Input validation	14 Mar 202305:15	–	prion
Positive Technologies	PT-2023-20196 · Sap · Sap Aba	14 Mar 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-25615	9 Jan 202609:31	–	redhatcve

NVD

Vulners

Node

sap abap_platformMatch751

sap abap_platformMatch753

sap abap_platformMatch754

sap abap_platformMatch756

sap abap_platformMatch757

sap abap_platformMatch791

[
  {
    "defaultStatus": "unaffected",
    "product": "ABAP Platform",
    "vendor": "SAP",
    "versions": [
      {
        "status": "affected",
        "version": "751"
      },
      {
        "status": "affected",
        "version": "753"
      },
      {
        "status": "affected",
        "version": "754"
      },
      {
        "status": "affected",
        "version": "756"
      },
      {
        "status": "affected",
        "version": "757"
      },
      {
        "status": "affected",
        "version": "791"
      }
    ]
  }
]

Source	Link
launchpad	www.launchpad.support.sap.com/
sap	www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

21 Nov 2024 07:49Current

5.1Medium risk

Vulners AI Score5.1

CVSS 3.14.9 - 6.8

EPSS0.00534

SSVC

CWE-89