2 matches found
CVE-2023-33989
An attacker with non-administrative authorizations in SAP NetWeaver BI CONT ADD ON - versions 707, 737, 747, 757, can exploit a directory traversal flaw to over-write system files. Data from confidential files cannot be read but potentially some OS files can be over-written leading to system...
CVE-2023-33989
CVE-2023-33989 concerns SAP NetWeaver BI CONT ADD ON (versions 707, 737, 747, 757) with a directory traversal flaw that can overwrite system files. The root cause is improper path filtering, allowing an attacker with non-administrative authorizations (network access) to target OS files and potent...