Lucene search
K

27 matches found

CVE
CVE
added 2023/08/08 12:39 a.m.70 views

CVE-2023-37483

CVE-2023-37483 affects SAP PowerDesigner 16.7. The issue is improper access control that could let an unauthenticated attacker run arbitrary queries against the backend database via the proxy. Impact is high (confidentiality, integrity, availability each rated high). Exploitation details are not ...

9.8CVSS9.7AI score0.01041EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/08/08 12:39 a.m.32 views

CVE-2023-37483 Improper Access Control Vulnerabilities in SAP PowerDesigner

SAP PowerDesigner - version 16.7, has improper access control which might allow an unauthenticated attacker to run arbitrary queries against the back-end database via Proxy...

9.8CVSS9.8AI score0.01041EPSS
Exploits0References2
NVD
NVD
added 2023/05/09 2:15 a.m.18 views

CVE-2023-32111

In SAP PowerDesigner Proxy - version 16.7, an attacker can send a crafted request from a remote host to the proxy machine and crash the proxy server, due to faulty implementation of memory management causing a memory corruption. This leads to a high impact on availability of the application...

7.5CVSS7.5AI score0.00635EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/05/09 1:38 a.m.14 views

CVE-2023-32111 Memory Corruption vulnerability in SAP PowerDesigner (Proxy)

In SAP PowerDesigner Proxy - version 16.7, an attacker can send a crafted request from a remote host to the proxy machine and crash the proxy server, due to faulty implementation of memory management causing a memory corruption. This leads to a high impact on availability of the application...

7.5CVSS7.7AI score0.00635EPSS
Exploits0References2
NVD
NVD
added 2022/06/14 7:15 p.m.16 views

CVE-2022-31590

SAP PowerDesigner Proxy - version 16.7, allows an attacker with low privileges and has local access, with the ability to work around system’s root disk access restrictions to Write/Create a program file on system disk root path, which could then be executed with elevated privileges of the...

7.8CVSS0.00243EPSS
Exploits0References2
Prion
Prion
added 2022/06/14 7:15 p.m.26 views

Code injection

SAP PowerDesigner Proxy - version 16.7, allows an attacker with low privileges and has local access, with the ability to work around system’s root disk access restrictions to Write/Create a program file on system disk root path, which could then be executed with elevated privileges of the...

7.2CVSS7.7AI score0.00243EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/06/14 6:39 p.m.70 views

CVE-2022-31590

CVE-2022-31590 affects SAP PowerDesigner Proxy 16.7. An attacker with low privileges and local access can bypass root-disk access restrictions to write a program file on the system disk root, which could be executed with elevated privileges during startup or reboot, potentially impacting confiden...

7.8CVSS7.7AI score0.00243EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder