mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
149 lines
6.5 KiB
JSON
149 lines
6.5 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2023-41366",
|
|
"ASSIGNER": "cna@sap.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Under certain condition SAP NetWeaver Application Server ABAP - versions KERNEL 722, KERNEL 7.53, KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.54, KERNEL 7.91, KERNEL 7.92, KERNEL 7.93, KERNEL 7.94, KERNEL64UC 7.22, KERNEL64UC 7.22EXT, KERNEL64UC 7.53, KERNEL64NUC 7.22, KERNEL64NUC 7.22EXT, allows an unauthenticated attacker to access the unintended data due to the lack of restrictions applied which may lead to low impact in confidentiality and no impact on the integrity and availability of the application.\n\n"
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere",
|
|
"cweId": "CWE-497"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "SAP_SE",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "SAP NetWeaver Application Server ABAP and ABAP Platform",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "KERNEL 722"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "KERNEL 7.53"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "KERNEL 7.77"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "KERNEL 7.85"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "KERNEL 7.89"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "KERNEL 7.54"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "KERNEL 7.91"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "KERNEL 7.92"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "KERNEL 7.93"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "KERNEL 7.94"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "KERNEL64UC 7.22"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "KERNEL64UC 7.22EXT"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "KERNEL64UC 7.53"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "KERNEL64NUC 7.22"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "KERNEL64NUC 7.22EXT"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://me.sap.com/notes/3362849",
|
|
"refsource": "MISC",
|
|
"name": "https://me.sap.com/notes/3362849"
|
|
},
|
|
{
|
|
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
|
|
"refsource": "MISC",
|
|
"name": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
|
|
}
|
|
]
|
|
},
|
|
"generator": {
|
|
"engine": "Vulnogram 0.1.0-dev"
|
|
},
|
|
"source": {
|
|
"discovery": "UNKNOWN"
|
|
},
|
|
"impact": {
|
|
"cvss": [
|
|
{
|
|
"attackComplexity": "LOW",
|
|
"attackVector": "NETWORK",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 5.3,
|
|
"baseSeverity": "MEDIUM",
|
|
"confidentialityImpact": "LOW",
|
|
"integrityImpact": "NONE",
|
|
"privilegesRequired": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"userInteraction": "NONE",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
|
"version": "3.1"
|
|
}
|
|
]
|
|
}
|
|
} |