7 matches found
CVE-2023-50424
SAP BTP Security Services Integration Library Golang github.com/sap/cloud-security-client-go - versions 0.17.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application...
CVE-2023-50424
creationtimestamp| type| source ---|---|--- 2024-01-01 17:07:17+00:00| seen| https://t.me/ctinow/161382...
Improper Privilege Management in github.com/sap/cloud-security-client-go
Impact SAP BTP Security Services Integration Library Golang github.com/sap/cloud-security-client-go allows under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application. Patches Upgrade to...
com.sap.cds:cds-starter-cloudfoundry (>=1.19.0 <=1.34.7), com.sap.cds:cds-starter-k8s (>=1.34.0 <=1.34.7) +4 more potentially affected by CVE-2023-50422 +1 more via com.sap.cloud.security.xsuaa:spring-xsuaa (>=1.3.0 <=2.16.0)
com.sap.cloud.security.xsuaa:spring-xsuaa MAVEN version =1.3.0, =1.19.0, =1.34.0, =2.11.16, =2.10.0, =1.3.0, =1.6.0, =2.16.0 Source cves: CVE-2023-50422, CVE-2023-50424 Source advisory: OSV:GHSA-59C9-PXQ8-9C73...
CVE-2023-50424 Escalation of Privileges in SAP BTP Security Services Integration Library ([Golang] github.com/sap/cloud-security-client-go)
SAP BTP Security Services Integration Library Golang github.com/sap/cloud-security-client-go - versions 0.17.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application...
CVE-2023-50424 Escalation of Privileges in SAP BTP Security Services Integration Library ([Golang] github.com/sap/cloud-security-client-go)
SAP BTP Security Services Integration Library Golang github.com/sap/cloud-security-client-go - versions 0.17.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application...
CVE-2023-50424
CVE-2023-50424 affects SAP BTP Security Services Integration Library (Go: github.com/sap/cloud-security-client-go) and versions = 0.17.0 (or newer as released). Other advisories reinforce upgrading as the primary mitigation; no exploits/immediate weaponization details are provided in the connecte...