Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2023-23859
HistoryFeb 14, 2023 - 4:15 a.m.

CVE-2023-23859

2023-02-1404:15:12
CWE-79
[email protected]
web.nvd.nist.gov
1
sap netweaver
abap platform
unauthenticated attacker
malicious link
sensitive information

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

32.4%

JSON

SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated attacker to craft a malicious link, which when clicked by an unsuspecting user, can be used to read or modify some sensitive information.

Affected configurations

NVD
Node
sapnetweaver_application_server_abapMatch740
OR
sapnetweaver_application_server_abapMatch750
OR
sapnetweaver_application_server_abapMatch751
OR
sapnetweaver_application_server_abapMatch752
OR
sapnetweaver_application_server_abapMatch753
OR
sapnetweaver_application_server_abapMatch754
OR
sapnetweaver_application_server_abapMatch755
OR
sapnetweaver_application_server_abapMatch756
OR
sapnetweaver_application_server_abapMatch757
OR
sapnetweaver_application_server_abapMatch789
OR
sapnetweaver_application_server_abapMatch790

Related

cve 1
prion 1
cnvd 1
cvelist 1
nessus 2
cve
cve
CVE-2023-23859
2023-02-14 04:15:12
prion
prion
Information disclosure
2023-02-14 04:15:00
cnvd
cnvd
SAP NetWeaver AS Cross-Site Scripting Vulnerability (CNVD-2023-40170)
2023-03-01 00:00:00
cvelist
cvelist
CVE-2023-23859
2023-02-14 03:15:54
nessus
nessus
SAP NetWeaver AS ABAP Multiple Vulnerabilities (3268959)
2023-09-15 00:00:00
SAP NetWeaver AS ABAP Multiple Vulnerabilities (Feb 2023)
2023-02-15 00:00:00

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

32.4%

JSON
Related for NVD:CVE-2023-23859
cve1prion1cnvd1cvelist1nessus2