admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-245xx/CVE-2023-24529.json
cad-safe-bot 5fc0b01395 Auto-Update: 2024-12-15T03:00:19.262894+00:00
2024-12-15 03:03:56 +00:00

184 lines
6.4 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-24529",
"sourceIdentifier": "cna@sap.com",
"published": "2023-02-14T04:15:12.977",
"lastModified": "2024-11-21T07:48:03.890",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper input validation, BSP application (CRM_BSP_FRAME) - versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75D, 75E, 75F, 75G, 75H, allow malicious inputs from untrusted sources, which can be leveraged by an attacker to execute a Reflected Cross-Site Scripting (XSS) attack. As a result, an attacker may be able to hijack a user session, read and modify some sensitive information.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@sap.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:7.00:*:*:*:*:*:*:*",
"matchCriteriaId": "2E6E948A-59A4-460A-8369-68E9A94CA4EC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:7.01:*:*:*:*:*:*:*",
"matchCriteriaId": "2B2AC049-E6B5-4954-875A-7E66F2CEFEDF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:7.02:*:*:*:*:*:*:*",
"matchCriteriaId": "1097BE81-D7C7-4288-82A8-F5FA0EB492E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:7.31:*:*:*:*:*:*:*",
"matchCriteriaId": "D4AA4EAF-ED70-4FEC-85B5-C8229EB5F600"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "0F822C6B-3047-4EB1-9A85-EE10EA592DE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "689471D5-2189-48AF-ACE9-41DA4B642B1E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:7.51:*:*:*:*:*:*:*",
"matchCriteriaId": "CD618C71-34FF-414C-86DC-C43C5EEF5D20"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:7.52:*:*:*:*:*:*:*",
"matchCriteriaId": "8E4BD107-F102-4859-9439-955F4DACE96F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:75c:*:*:*:*:*:*:*",
"matchCriteriaId": "63AE465A-45CC-4834-BEC0-589935EFCAD2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:75d:*:*:*:*:*:*:*",
"matchCriteriaId": "AAADF821-7088-4D5C-BB6D-2662880AC62D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:75e:*:*:*:*:*:*:*",
"matchCriteriaId": "76E464A9-F2FD-4A91-8562-A33EBABD24E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:75f:*:*:*:*:*:*:*",
"matchCriteriaId": "2D396DE3-DCE7-4CB1-B6AB-85F2A850C180"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:75g:*:*:*:*:*:*:*",
"matchCriteriaId": "DC3734C6-B13F-4BDA-8586-47C18FD1B26E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:75h:*:*:*:*:*:*:*",
"matchCriteriaId": "E3975983-9499-49E2-8A1E-F1F9B2B5A792"
}
]
}
]
}
],
"references": [
{
"url": "https://launchpad.support.sap.com/#/notes/3282663",
"source": "cna@sap.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://launchpad.support.sap.com/#/notes/3282663",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Vendor Advisory"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink