Lucene search
PRIOn knowledge basePRION:CVE-2023-36920HistoryOct 30, 2023 - 5:15 p.m.
Information disclosure
2023-10-3017:15:00
PRIOn knowledge base
www.prio-n.com
5
sap enable now
version
x-frame-options
clickjacking
vulnerability
information disclosure
modification
unauthenticated attacker
nvd
In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the X-FRAME-OPTIONS response header is not implemented, allowing an unauthenticated attacker to attempt clickjacking, which could result in disclosure or modification of information.
| CPE | Name | Operator | Version |
|---|---|---|---|
| enable_now_enable_now_consump_del | eq | 1704 | |
| enable_now_wpb_manager | eq | 1.0 | |
| enable_now_wpb_manager_ce | eq | 10 | |
| enable_now_wpb_manager_hana | eq | 10 |
Related
cvelist
cvelist
CVE-2023-36920 Clickjacking vulnerability in SAP Enable Now
2023-10-30 16:51:52
cve
cve
CVE-2023-36920
2023-10-30 17:15:52
nvd
nvd
CVE-2023-36920
2023-10-30 17:15:52