3 matches found
CVE-2023-24523
An attacker authenticated as a non-admin user with local access to a server port assigned to the SAP Host Agent Start Service - versions 7.21, 7.22, can submit a crafted ConfigureOutsideDiscovery request with an operating system command which will be executed with administrator privileges. The OS...
CVE-2023-24523
An attacker authenticated as a non-admin user with local access to a server port assigned to the SAP Host Agent Start Service - versions 7.21, 7.22, can submit a crafted ConfigureOutsideDiscovery request with an operating system command which will be executed with administrator privileges. The OS...
CVE-2023-24523
Summary: CVE-2023-24523 affects SAP Host Agent (Start Service) version 7.21 and 7.22. A non-admin user with local access can trigger ConfigureOutsideDiscovery to execute an OS command with administrator privileges, enabling read/modify of any user or system data and potentially making the system ...