admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-413xx/CVE-2023-41369.json
cad-safe-bot 8e4894e0c7 Auto-Update: 2023-09-14T04:00:25.753690+00:00
2023-09-14 04:00:29 +00:00

142 lines
4.4 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-41369",
"sourceIdentifier": "cna@sap.com",
"published": "2023-09-12T02:15:12.983",
"lastModified": "2023-09-14T02:11:35.203",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Create Single Payment application of SAP S/4HANA\u00a0- versions 100, 101, 102, 103, 104, 105, 106, 107, 108, allows an attacker to upload the XML file as an attachment.\u00a0When clicked on the XML file in the attachment section, the file gets opened in the browser to cause the\u00a0entity loops to slow down the browser.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "cna@sap.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4_hana:100:*:*:*:*:*:*:*",
"matchCriteriaId": "D978AA69-72A7-4A7E-B3A1-8D342B4B77CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4_hana:101:*:*:*:*:*:*:*",
"matchCriteriaId": "7A800EB9-BD11-46B8-9866-31088F01D433"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4_hana:102:*:*:*:*:*:*:*",
"matchCriteriaId": "7EE80980-12A5-40D7-8992-5C81FC82935E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4_hana:103:*:*:*:*:*:*:*",
"matchCriteriaId": "82AAE66A-7112-4E83-9094-2AA571144F64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4_hana:104:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF0FD31-F4F3-470A-9CB5-DE339D7334FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4_hana:105:*:*:*:*:*:*:*",
"matchCriteriaId": "A52E5AE7-D16E-4122-A39E-20A2CAB9A146"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4_hana:106:*:*:*:*:*:*:*",
"matchCriteriaId": "EAEF60F9-E053-4D22-AA65-9C1CA5130374"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4_hana:107:*:*:*:*:*:*:*",
"matchCriteriaId": "8606117E-F864-474F-8839-F6BAB51113E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4_hana:108:*:*:*:*:*:*:*",
"matchCriteriaId": "F794CB63-BF34-42D5-9998-CD2F2B2FF25F"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3369680",
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink