CVE-2023-36922

🗓️ 11 Jul 2023 02:56:55Reported by sapType

SAP NetWeaver ABAP (IS-OIL) allows authenticated attacker to inject OS command in unprotected paramete

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2023-36922	12 Jul 202317:55	–	circl
CNNVD	SAP NetWeaver ABAP Server 操作系统命令注入漏洞	11 Jul 202300:00	–	cnnvd
CNVD	SAP NetWeaver ABAP Server Operating System Command Injection Vulnerability	14 Jul 202300:00	–	cnvd
Cvelist	CVE-2023-36922 OS command injection vulnerability in SAP ECC and SAP S/4HANA (IS-OIL)	11 Jul 202302:56	–	cvelist
EUVD	EUVD-2023-40842	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in SAP products	11 Jul 202300:00	–	ncsc
NVD	CVE-2023-36922	11 Jul 202303:15	–	nvd
Prion	Design/Logic Flaw	11 Jul 202303:15	–	prion
Positive Technologies	PT-2023-4087 · Sap · Sap Ecc +1	10 Jul 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-36922	23 May 202505:03	–	redhatcve

NVD

Vulners

Node

sap netweaverMatch600

sap netweaverMatch602

sap netweaverMatch603

sap netweaverMatch604

sap netweaverMatch605

sap netweaverMatch606

sap netweaverMatch617

sap netweaverMatch618

sap netweaverMatch800

sap netweaverMatch802

sap netweaverMatch803

sap netweaverMatch804

sap netweaverMatch805

sap netweaverMatch806

sap netweaverMatch807

[
  {
    "defaultStatus": "unaffected",
    "product": "SAP ECC and SAP S/4HANA (IS-OIL)",
    "vendor": "SAP_SE",
    "versions": [
      {
        "status": "affected",
        "version": "IS-OIL 600"
      },
      {
        "status": "affected",
        "version": "IS-OIL 602"
      },
      {
        "status": "affected",
        "version": "IS-OIL 603"
      },
      {
        "status": "affected",
        "version": "IS-OIL 604"
      },
      {
        "status": "affected",
        "version": "IS-OIL 605"
      },
      {
        "status": "affected",
        "version": "IS-OIL 606"
      },
      {
        "status": "affected",
        "version": "IS-OIL 617"
      },
      {
        "status": "affected",
        "version": "IS-OIL 618"
      },
      {
        "status": "affected",
        "version": "IS-OIL 800"
      },
      {
        "status": "affected",
        "version": "IS-OIL 802"
      },
      {
        "status": "affected",
        "version": "IS-OIL 803"
      },
      {
        "status": "affected",
        "version": "IS-OIL 804"
      },
      {
        "status": "affected",
        "version": "IS-OIL 805"
      },
      {
        "status": "affected",
        "version": "IS-OIL 806"
      },
      {
        "status": "affected",
        "version": "IS-OIL 807"
      }
    ]
  }
]

Source	Link
me	www.me.sap.com/notes/3350297
sap	www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

21 Nov 2024 08:10Current

8.7High risk

Vulners AI Score8.7

CVSS 3.18.8 - 9.1

EPSS0.00217

CWE-78