EUVD-2023-28540

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

SAP NetWeaver AS ABAP allows unauthenticated access through insufficient input sanitization vulnerabilities.

Reporter	Title	Published	Views	Family All 11
CNNVD	SAP NetWeaver AS 跨站脚本漏洞	14 Feb 202300:00	–	cnnvd
CNVD	SAP NetWeaver AS Cross-Site Scripting Vulnerability (CNVD-2023-40169)	1 Mar 202300:00	–	cnvd
CVE	CVE-2023-24522	14 Feb 202303:17	–	cve
Cvelist	CVE-2023-24522	14 Feb 202303:17	–	cvelist
NCSC	Vulnerabilities fixed in SAP products	14 Feb 202300:00	–	ncsc
NVD	CVE-2023-24522	14 Feb 202304:15	–	nvd
Prion	Input validation	14 Feb 202304:15	–	prion
Positive Technologies	PT-2023-19670 · Sap · Sap Netweaver As Abap	14 Feb 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-24522	23 May 202501:55	–	redhatcve
Tenable Nessus	SAP NetWeaver AS ABAP Multiple Vulnerabilities (Feb 2023)	15 Feb 202300:00	–	nessus

[
  {
    "enisaIdVendor": [
      {
        "id": "cad7ce3d-6fda-32ce-857e-4061c2f1d2ca",
        "vendor": {
          "name": "SAP"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "37464e93-9200-36d2-a880-3c0e06702b01",
        "product": {
          "name": "NetWeaver AS ABAP (BSP Framework)"
        },
        "product_version": "740"
      },
      {
        "id": "65fb6dc1-4917-371c-94b5-c6637702dbe8",
        "product": {
          "name": "NetWeaver AS ABAP (BSP Framework)"
        },
        "product_version": "700"
      },
      {
        "id": "9c3833b4-b998-3b94-a460-71be1a3d23b8",
        "product": {
          "name": "NetWeaver AS ABAP (BSP Framework)"
        },
        "product_version": "702"
      },
      {
        "id": "bb5cf265-1695-370f-9c2e-5e6b660ed63f",
        "product": {
          "name": "NetWeaver AS ABAP (BSP Framework)"
        },
        "product_version": "731"
      },
      {
        "id": "e870e450-e507-38e6-a6c2-8a1b1ed6bc9c",
        "product": {
          "name": "NetWeaver AS ABAP (BSP Framework)"
        },
        "product_version": "701"
      }
    ]
  }
]

Source	Link
launchpad	www.launchpad.support.sap.com/
sap	www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

03 Oct 2025 20:07Current

6.2Medium risk

Vulners AI Score6.2

CVSS 3.16.1

EPSS0.01438

SSVC