SAP Solution Manager - version 720, allows an authorized attacker to execute certain deprecated function modules which can read or modify data of same or other component without user interaction over the network.
References
Link | Resource |
---|---|
https://me.sap.com/notes/3395306 | Permissions Required |
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory |
https://me.sap.com/notes/3395306 | Permissions Required |
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory |
Configurations
History
21 Nov 2024, 08:33
Type | Values Removed | Values Added |
---|---|---|
References | () https://me.sap.com/notes/3395306 - Permissions Required | |
References | () https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html - Vendor Advisory |
14 Dec 2023, 15:41
Type | Values Removed | Values Added |
---|---|---|
References | () https://me.sap.com/notes/3395306 - Permissions Required | |
References | () https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.4 |
CPE | cpe:2.3:a:sap:solution_manager:720:*:*:*:*:*:*:* |
12 Dec 2023, 02:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-12-12 02:15
Updated : 2024-11-21 08:33
NVD link : CVE-2023-49587
Mitre link : CVE-2023-49587
CVE.ORG link : CVE-2023-49587
JSON object : View
Products Affected
sap
- solution_manager
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')