CVE-2023-27269 Directory Traversal vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform

🗓️ 14 Mar 2023 04:58:10Reported by sapType

SAP NetWeaver AS ABAP Directory Traversal Vulnerabilit

Reporter	Title	Published	Views	Family All 16
BDU FSTEC	The vulnerability of SAP NetWeaver AS ABAP and SAP NetWeaver ABAP integration platforms lies in incorrect restrictions on path names to restricted catalogs, allowing attackers to overwrite arbitrary files.	17 Mar 202300:00	–	bdu_fstec
Circl	CVE-2023-27269	15 Mar 202307:54	–	circl
CNNVD	SAP NetWeaver AS 路径遍历漏洞	14 Mar 202300:00	–	cnnvd
CNVD	SAP NetWeaver AS Path Traversal Vulnerability	16 Mar 202300:00	–	cnvd
CVE	CVE-2023-27269	14 Mar 202304:58	–	cve
EUVD	EUVD-2023-31047	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in SAP products	14 Mar 202300:00	–	ncsc
NCSC	Vulnerabilities fixed in SAP products	11 Apr 202300:00	–	ncsc
NVD	CVE-2023-27269	14 Mar 202305:15	–	nvd
OSV	CVE-2023-27269	14 Mar 202305:15	–	osv

[
  {
    "defaultStatus": "unaffected",
    "product": "NetWeaver Application Server for ABAP and ABAP Platform",
    "vendor": "SAP",
    "versions": [
      {
        "status": "affected",
        "version": "700"
      },
      {
        "status": "affected",
        "version": "701"
      },
      {
        "status": "affected",
        "version": "702"
      },
      {
        "status": "affected",
        "version": "731"
      },
      {
        "status": "affected",
        "version": "740"
      },
      {
        "status": "affected",
        "version": "750"
      },
      {
        "status": "affected",
        "version": "751"
      },
      {
        "status": "affected",
        "version": "752"
      },
      {
        "status": "affected",
        "version": "753"
      },
      {
        "status": "affected",
        "version": "754"
      },
      {
        "status": "affected",
        "version": "755"
      },
      {
        "status": "affected",
        "version": "756"
      },
      {
        "status": "affected",
        "version": "757"
      },
      {
        "status": "affected",
        "version": "791"
      }
    ]
  }
]

Source	Link
sap	www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
launchpad	www.launchpad.support.sap.com/

11 Apr 2023 20:24Current

9.3High risk

Vulners AI Score9.3

CVSS 3.19.6

EPSS0.00982

CWE-22