EUVD-2023-32712

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

SAP Application Interface Framework allows Excel formula injection, risking confidentiality and integrity.

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2023-29109	11 Apr 202307:23	–	circl
CNNVD	SAP Application Interface Framework 安全漏洞	11 Apr 202300:00	–	cnnvd
CVE	CVE-2023-29109	11 Apr 202302:58	–	cve
Cvelist	CVE-2023-29109 Code Injection vulnerability in SAP Application Interface Framework (Message Dashboard)	11 Apr 202302:58	–	cvelist
NCSC	Vulnerabilities fixed in SAP products	11 Apr 202300:00	–	ncsc
NVD	CVE-2023-29109	11 Apr 202303:15	–	nvd
OSV	CVE-2023-29109	11 Apr 202303:15	–	osv
Prion	Design/Logic Flaw	11 Apr 202303:15	–	prion
RedhatCVE	CVE-2023-29109	9 Jan 202609:29	–	redhatcve
Vulnrichment	CVE-2023-29109 Code Injection vulnerability in SAP Application Interface Framework (Message Dashboard)	11 Apr 202302:58	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "d1b8d8e7-f7a1-3597-a7a2-82966c4bc4ca",
        "vendor": {
          "name": "SAP"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "609e9b00-f8e2-3ec3-a733-59b36096bae5",
        "product": {
          "name": "Application Interface Framework (Message Dashboard)"
        },
        "product_version": "SAP_ABA 75C"
      },
      {
        "id": "9e624a04-2038-32f5-aa5c-a9a784bf5f1e",
        "product": {
          "name": "Application Interface Framework (Message Dashboard)"
        },
        "product_version": "AIFX 702"
      },
      {
        "id": "b11c6790-60a0-3b94-840d-ab844df0d52a",
        "product": {
          "name": "Application Interface Framework (Message Dashboard)"
        },
        "product_version": "S4CORE 101"
      },
      {
        "id": "b539d479-185d-3903-96fa-d55c07976199",
        "product": {
          "name": "Application Interface Framework (Message Dashboard)"
        },
        "product_version": "AIF 703"
      },
      {
        "id": "beb1b211-404e-3cb6-8b63-c3d0ba9fa28f",
        "product": {
          "name": "Application Interface Framework (Message Dashboard)"
        },
        "product_version": "SAP_ABA 75D"
      },
      {
        "id": "c4c8173d-19a9-3f14-b129-ae3e69759126",
        "product": {
          "name": "Application Interface Framework (Message Dashboard)"
        },
        "product_version": "SAP_BASIS 755"
      },
      {
        "id": "e64fc64d-3135-34c0-b023-bbdc02c313b3",
        "product": {
          "name": "Application Interface Framework (Message Dashboard)"
        },
        "product_version": "SAP_ABA 75E"
      },
      {
        "id": "e86d23cc-892c-39ee-8201-1a22b892692d",
        "product": {
          "name": "Application Interface Framework (Message Dashboard)"
        },
        "product_version": "SAP_BASIS 756"
      }
    ]
  }
]

Source	Link
launchpad	www.launchpad.support.sap.com/
sap	www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

03 Oct 2025 20:07Current

5.2Medium risk

Vulners AI Score5.2

CVSS 3.14.4 - 4.6

EPSS0.00404

SSVC