5 matches found
SAP NetWeaver AS Java Multiple Vulnerabilities (November 2023)
SAP NetWeaver Application Server for Java is affected by multiple vulnerabilities, as disclosed in the November SAP Security Patch Day advisory, including the following: - SAP NetWeaver AS Java GRMG Heartbeat application version 7.50 allows an unauthenticated attacker to send a crafted request fr...
CVE-2023-42477
SAP NetWeaver AS Java GRMG Heartbeat application - version 7.50, allows an attacker to send a crafted request from a vulnerable web application, causing limited impact on confidentiality and integrity of the application...
CVE-2023-42477 Server-Side Request Forgery in SAP NetWeaver AS Java (GRMG Heartbeat application)
SAP NetWeaver AS Java GRMG Heartbeat application - version 7.50, allows an attacker to send a crafted request from a vulnerable web application, causing limited impact on confidentiality and integrity of the application...
CVE-2023-42477
CVE-2023-42477 affects SAP NetWeaver AS Java GRMG Heartbeat (version 7.50). The vulnerability permits an unauthenticated attacker to send a crafted request from a vulnerable web application, with limited impact on confidentiality and integrity (as described in multiple sources). The CVSS vector i...
PT-2023-5868 · Sap · Sap Netweaver As Java
Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS Java GRMG Heartbeat application version 7.50 Description: The issue is related to insufficient validation of incoming requests in the Generic Request and Message Generator GRMG/Heartbeat service of the SAP NetWeaver AS for Ja...