SAP GUI for Windows and SAP GUI for Java - versions SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758, allow an unauthenticated attacker to access information which would otherwise be restricted and confidential. In addition, this vulnerability allows the unauthenticated attacker to create Layout configurations of the ABAP List Viewer and with this causing a mild impact on integrity and availability, e.g. also increasing the response times of the AS ABAP.
References
Link | Resource |
---|---|
https://me.sap.com/notes/3385711 | Permissions Required Vendor Advisory |
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
28 Sep 2024, 23:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) SAP GUI for Windows and SAP GUI for Java - versions SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758, allow an unauthenticated attacker to access information which would otherwise be restricted and confidential. In addition, this vulnerability allows the unauthenticated attacker to create Layout configurations of the ABAP List Viewer and with this causing a mild impact on integrity and availability, e.g. also increasing the response times of the AS ABAP. | |
CWE | CWE-732 |
19 Dec 2023, 14:50
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:sap:graphical_user_interface:sap_basis_758:*:*:*:*:java:*:* cpe:2.3:a:sap:graphical_user_interface:sap_basis_756:*:*:*:*:windows:*:* cpe:2.3:a:sap:graphical_user_interface:sap_basis_757:*:*:*:*:java:*:* cpe:2.3:a:sap:graphical_user_interface:sap_basis_755:*:*:*:*:java:*:* cpe:2.3:a:sap:graphical_user_interface:sap_basis_757:*:*:*:*:windows:*:* cpe:2.3:a:sap:graphical_user_interface:sap_basis_755:*:*:*:*:windows:*:* cpe:2.3:a:sap:graphical_user_interface:sap_basis_758:*:*:*:*:windows:*:* cpe:2.3:a:sap:graphical_user_interface:sap_basis_756:*:*:*:*:java:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.3 |
CWE | NVD-CWE-noinfo | |
References | () https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html - Vendor Advisory | |
References | () https://me.sap.com/notes/3385711 - Permissions Required, Vendor Advisory |
12 Dec 2023, 02:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-12-12 02:15
Updated : 2024-09-28 23:15
NVD link : CVE-2023-49580
Mitre link : CVE-2023-49580
CVE.ORG link : CVE-2023-49580
JSON object : View
Products Affected
sap
- graphical_user_interface
CWE