CVE-2023-36924

🗓️ 11 Jul 2023 02:57:27Reported by sapType

CVE-2023-36924 SAP ERP Defense Forces allows authenticated admin to write arbitrary data to syslog file

Reporter	Title	Published	Views	Family All 10
CNNVD	SAP ERP 安全漏洞	11 Jul 202300:00	–	cnnvd
Cvelist	CVE-2023-36924 Log Injection vulnerability in SAP ERP Defense Forces and Public Security	11 Jul 202302:57	–	cvelist
EUVD	EUVD-2023-40844	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in SAP products	11 Jul 202300:00	–	ncsc
NVD	CVE-2023-36924	11 Jul 202303:15	–	nvd
OSV	CVE-2023-36924	11 Jul 202303:15	–	osv
Prion	Design/Logic Flaw	11 Jul 202303:15	–	prion
Positive Technologies	PT-2023-4139 · Sap · Sap Erp Defense Forces/Public Security	10 Jul 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-36924	23 May 202505:04	–	redhatcve
Vulnrichment	CVE-2023-36924 Log Injection vulnerability in SAP ERP Defense Forces and Public Security	11 Jul 202302:57	–	vulnrichment

NVD

Vulners

Node

sap erp_defense_forces_and_public_securityMatch600

sap erp_defense_forces_and_public_securityMatch603

sap erp_defense_forces_and_public_securityMatch604

sap erp_defense_forces_and_public_securityMatch605

sap erp_defense_forces_and_public_securityMatch616

sap erp_defense_forces_and_public_securityMatch617

sap erp_defense_forces_and_public_securityMatch618

sap erp_defense_forces_and_public_securityMatch802

sap erp_defense_forces_and_public_securityMatch803

sap erp_defense_forces_and_public_securityMatch804

sap erp_defense_forces_and_public_securityMatch805

sap erp_defense_forces_and_public_securityMatch806

sap erp_defense_forces_and_public_securityMatch807

[
  {
    "defaultStatus": "unaffected",
    "product": "SAP ERP Defense Forces and Public Security",
    "vendor": "SAP_SE",
    "versions": [
      {
        "status": "affected",
        "version": "600"
      },
      {
        "status": "affected",
        "version": "603"
      },
      {
        "status": "affected",
        "version": "604"
      },
      {
        "status": "affected",
        "version": "605"
      },
      {
        "status": "affected",
        "version": "616"
      },
      {
        "status": "affected",
        "version": "617"
      },
      {
        "status": "affected",
        "version": "618"
      },
      {
        "status": "affected",
        "version": "802"
      },
      {
        "status": "affected",
        "version": "803"
      },
      {
        "status": "affected",
        "version": "804"
      },
      {
        "status": "affected",
        "version": "805"
      },
      {
        "status": "affected",
        "version": "806"
      },
      {
        "status": "affected",
        "version": "807"
      }
    ]
  }
]

Source	Link
me	www.me.sap.com/notes/3351410
sap	www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

21 Nov 2024 08:10Current

5.1Medium risk

Vulners AI Score5.1

CVSS 3.14.9

EPSS0.00139

SSVC

CWE-117