Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.22 views

SAP BTP Python Library sap-xssec < 4.1.0 Privilege Escalation

The detected version of SAP BTP python package, sap-xssec, is prior to version 4.1.0. It is, therefore, affected by a privilege escalation vulnerability. An unauthenticated, remote attacker can exploit this to gain arbitrary permissions within the applicaiton. Note that Nessus has not tested for...

9.8CVSS8.6AI score0.01109EPSS
Exploits0References2
OSV
OSV
added 2023/12/13 1:34 p.m.12 views

GHSA-6MJG-37CP-42X5 Improper Privilege Management in sap-xssec

Impact SAP BTP Security Services Integration Library Python sap-xssec allows under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application. Patches Upgrade to patched version = 4.1.0 We always...

9.3CVSS9.7AI score0.01109EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2023/12/13 1:34 p.m.32 views

Improper Privilege Management in sap-xssec

Impact SAP BTP Security Services Integration Library Python sap-xssec allows under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application. Patches Upgrade to patched version = 4.1.0 We always...

9.8CVSS7.4AI score0.01109EPSS
Exploits0References10Affected Software1
CVE
CVE
added 2023/12/12 1:52 a.m.56 views

CVE-2023-50423

The CVE-2023-50423 entry concerns the SAP BTP Security Services Integration Library, specifically the Python package sap-xssec, versions prior to 4.1.0. Multiple connected sources confirm a privilege-escalation vulnerability where an unauthenticated attacker, via the affected library, can obtain ...

9.8CVSS9.6AI score0.01109EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2023/12/12 1:52 a.m.37 views

CVE-2023-50423 Escalation of Privileges in SAP BTP Security Services Integration Library ([Python] cloud-pysec)

SAP BTP Security Services Integration Library Python sap-xssec - versions 4.1.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application...

9.1CVSS9.8AI score0.01109EPSS
Exploits0References6
Rows per page
Query Builder