admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-29 05:56:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-358xx/CVE-2023-35871.json
cad-safe-bot ff38acee48 Auto-Update: 2023-08-14T16:00:29.026658+00:00
2023-08-14 16:00:32 +00:00

207 lines
7.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-35871",
"sourceIdentifier": "cna@sap.com",
"published": "2023-07-11T03:15:09.867",
"lastModified": "2023-08-14T14:15:10.587",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The SAP Web Dispatcher - versions WEBDISP 7.53, WEBDISP 7.54, WEBDISP 7.77, WEBDISP 7.85, WEBDISP 7.89, WEBDISP 7.91, WEBDISP 7.92, WEBDISP 7.93, KERNEL 7.53, KERNEL 7.54 KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.91, KERNEL 7.92, KERNEL 7.93, KRNL64UC 7.53, HDB 2.00, XS_ADVANCED_RUNTIME 1.00, SAP_EXTENDED_APP_SERVICES 1, has a vulnerability that can be exploited by an unauthenticated attacker to cause memory corruption through logical errors in memory management this may leads to information disclosure or system crashes, which can have low impact on confidentiality and high impact on the integrity and availability of the system.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.4,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.5
},
{
"source": "cna@sap.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "47D4D542-2EC2-490B-B4E9-3E7BB8D59B77"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.54:*:*:*:*:*:*:*",
"matchCriteriaId": "950DF1E2-990E-41EF-8779-CEC54C7CDC60"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.77:*:*:*:*:*:*:*",
"matchCriteriaId": "E33D9481-3CF6-4AA3-B115-7903AC6DAE25"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.85:*:*:*:*:*:*:*",
"matchCriteriaId": "F74EE4D5-E968-4851-89E6-4152F64930F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.89:*:*:*:*:*:*:*",
"matchCriteriaId": "097ED3E8-49B1-497E-BD43-28C397FBEAE8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.91:*:*:*:*:*:*:*",
"matchCriteriaId": "AC165964-CB7E-40BC-A63E-7CD0E34CF93D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.92:*:*:*:*:*:*:*",
"matchCriteriaId": "C72FF95D-9A43-4788-810F-2FFE408A1CFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.93:*:*:*:*:*:*:*",
"matchCriteriaId": "9105215B-CB70-4063-9302-138F54DD2672"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:hdb_2.00:*:*:*:*:*:*:*",
"matchCriteriaId": "1A4A56FB-16CB-4ACA-A961-01F57B1A11F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "A7E4BC89-114A-4EA3-A9E8-D956A26BCB18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.54:*:*:*:*:*:*:*",
"matchCriteriaId": "65A5FFAC-93F9-4204-9FA1-4D749D443173"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.77:*:*:*:*:*:*:*",
"matchCriteriaId": "E0098E57-6A7F-4CC6-8109-E2400E0FFFEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.85:*:*:*:*:*:*:*",
"matchCriteriaId": "E7ABB030-9A13-4194-A2A4-9623B2F22D7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.89:*:*:*:*:*:*:*",
"matchCriteriaId": "DB22EAAE-F75C-4902-9734-52B048D5D7B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.91:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB56066-A70F-4162-9E7F-829DE9862467"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.92:*:*:*:*:*:*:*",
"matchCriteriaId": "CBDC3937-9B43-46AF-B003-D5C0B181B214"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.93:*:*:*:*:*:*:*",
"matchCriteriaId": "30459CD4-451D-4C3D-8FE2-17552F83D7CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:krnl64uc_7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "3A8CD933-E217-445A-B244-C07625F9EE74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:sap_extended_app_services_1:*:*:*:*:*:*:*",
"matchCriteriaId": "216C4CEE-E514-43FB-8819-591AF721E2ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:xs_advanced_runtime_1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9D3697-7C80-4629-AE7A-73BDE5C558B2"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3340735",
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink