Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2023-42475

🗓️ 10 Oct 2023 01:37:36Reported by sapType 
cve
 cve🔗 web.nvd.nist.gov👁 35 Views

The Statutory Reporting application has a vulnerable file storage location, potentially enabling low privileged attacker to read server files with minimal impact on confidentiality

Related
Detection
Affected
Refs
ReporterTitlePublishedViews
Family
BDU FSTEC		The vulnerability of the SAP S/4HANA software platform, related to the lack of protection for operational data, allows attackers to disclose protected information.
20 Oct 202300:00
bdu_fstec
Circl		CVE-2023-42475
10 Oct 202307:30
circl
CNNVD		SAP S/4HANA Information Disclosure Vulnerability
10 Oct 202300:00
cnnvd
Cvelist		CVE-2023-42475 Information Disclosure Vulnerability in Statutory Reporting
10 Oct 202301:37
cvelist
EUVD		EUVD-2023-46915
3 Oct 202520:07
euvd
NCSC		Vulnerabilities fixed in SAP products
10 Oct 202300:00
ncsc
NVD		CVE-2023-42475
10 Oct 202302:15
nvd
Prion		Code injection
10 Oct 202302:15
prion
Positive Technologies		PT-2023-6223 · Sap · Sap S/4Hana
9 Oct 202300:00
ptsecurity
Vulnrichment		CVE-2023-42475 Information Disclosure Vulnerability in Statutory Reporting
10 Oct 202301:37
vulnrichment
Rows per page
NVD
Vulners
Node
saps/4hanaMatch102
OR
saps/4hanaMatch103
OR
saps/4hanaMatch104
OR
saps/4hanaMatch105
OR
saps/4hanaMatch106
OR
saps/4hanaMatch128
[
  {
    "defaultStatus": "unaffected",
    "product": "SAP S/4HANA Core",
    "vendor": "SAP_SE",
    "versions": [
      {
        "status": "affected",
        "version": "S4CORE 102"
      },
      {
        "status": "affected",
        "version": "S4CORE 103"
      },
      {
        "status": "affected",
        "version": "S4CORE 104"
      },
      {
        "status": "affected",
        "version": "S4CORE 105"
      },
      {
        "status": "affected",
        "version": "S4CORE 106"
      },
      {
        "status": "affected",
        "version": "SAPSCORE 128"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
21 Nov 2024 08:22Current
4.4Medium risk
Vulners AI Score4.4
CVSS 3.14.3
EPSS0.002
SSVC
CWE-209
cve-2023-42475statutory reportingvulnerable file storageserver filesinformation security
35