CVE-2023-41369 - OpenCVE

The Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, 107, 108, allows an attacker to upload the XML file as an attachment. When clicked on the XML file in the attachment section, the file gets opened in the browser to cause the entity loops to slow down the browser.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction Required

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Sap	S\/4 Hana

Configuration 1 [-]

OR	cpe:2.3:a:sap:s\/4_hana:100:::::::*
	cpe:2.3:a:sap:s\/4_hana:101:::::::*
	cpe:2.3:a:sap:s\/4_hana:102:::::::*
	cpe:2.3:a:sap:s\/4_hana:103:::::::*
	cpe:2.3:a:sap:s\/4_hana:104:::::::*
	cpe:2.3:a:sap:s\/4_hana:105:::::::*
	cpe:2.3:a:sap:s\/4_hana:106:::::::*
	cpe:2.3:a:sap:s\/4_hana:107:::::::*
	cpe:2.3:a:sap:s\/4_hana:108:::::::*

References

Link	Resource
https://me.sap.com/notes/3369680	Permissions Required
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: sap

Published: 2023-09-12T01:59:03.570Z

Updated: 2023-09-12T01:59:03.570Z

Reserved: 2023-08-29T05:27:56.301Z

Link: CVE-2023-41369

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-09-12T02:15:12.983

Modified: 2023-09-14T02:11:35.203

Link: CVE-2023-41369

JSON object: View

Redhat Information

No data.

CWE

CWE-611

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-41369", "assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "state": "PUBLISHED", "assignerShortName": "sap", "dateReserved": "2023-08-29T05:27:56.301Z", "datePublished": "2023-09-12T01:59:03.570Z", "dateUpdated": "2023-09-12T01:59:03.570Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "SAP S/4HANA (Create Single Payment application)", "vendor": "SAP_SE", "versions": [{"status": "affected", "version": "100"}, {"status": "affected", "version": "101"}, {"status": "affected", "version": "102"}, {"status": "affected", "version": "103"}, {"status": "affected", "version": "104"}, {"status": "affected", "version": "105"}, {"status": "affected", "version": "106"}, {"status": "affected", "version": "107"}, {"status": "affected", "version": "108"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>The Create Single Payment application of SAP S/4HANA\u00a0- versions 100, 101, 102, 103, 104, 105, 106, 107, 108, allows an attacker to upload the XML file as an attachment.\u00a0When clicked on the XML file in the attachment section, the file gets opened in the browser to cause the\u00a0entity loops to slow down the browser.</p>"}], "value": "The Create Single Payment application of SAP S/4HANA\u00a0- versions 100, 101, 102, 103, 104, 105, 106, 107, 108, allows an attacker to upload the XML file as an attachment.\u00a0When clicked on the XML file in the attachment section, the file gets opened in the browser to cause the\u00a0entity loops to slow down the browser.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-611", "description": "CWE-611: Improper Restriction of XML External Entity Reference", "lang": "eng", "type": "CWE"}]}], "providerMetadata": {"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "shortName": "sap", "dateUpdated": "2023-09-12T01:59:03.570Z"}, "references": [{"url": "https://me.sap.com/notes/3369680"}, {"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"}], "source": {"discovery": "UNKNOWN"}, "title": "External Entity Loop vulnerability in SAP S/4HANA (Create Single Payment application)", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sap:s\\/4_hana:100:*:*:*:*:*:*:*", "matchCriteriaId": "D978AA69-72A7-4A7E-B3A1-8D342B4B77CE", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:s\\/4_hana:101:*:*:*:*:*:*:*", "matchCriteriaId": "7A800EB9-BD11-46B8-9866-31088F01D433", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:s\\/4_hana:102:*:*:*:*:*:*:*", "matchCriteriaId": "7EE80980-12A5-40D7-8992-5C81FC82935E", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:s\\/4_hana:103:*:*:*:*:*:*:*", "matchCriteriaId": "82AAE66A-7112-4E83-9094-2AA571144F64", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:s\\/4_hana:104:*:*:*:*:*:*:*", "matchCriteriaId": "CFF0FD31-F4F3-470A-9CB5-DE339D7334FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:s\\/4_hana:105:*:*:*:*:*:*:*", "matchCriteriaId": "A52E5AE7-D16E-4122-A39E-20A2CAB9A146", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:s\\/4_hana:106:*:*:*:*:*:*:*", "matchCriteriaId": "EAEF60F9-E053-4D22-AA65-9C1CA5130374", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:s\\/4_hana:107:*:*:*:*:*:*:*", "matchCriteriaId": "8606117E-F864-474F-8839-F6BAB51113E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:s\\/4_hana:108:*:*:*:*:*:*:*", "matchCriteriaId": "F794CB63-BF34-42D5-9998-CD2F2B2FF25F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Create Single Payment application of SAP S/4HANA\u00a0- versions 100, 101, 102, 103, 104, 105, 106, 107, 108, allows an attacker to upload the XML file as an attachment.\u00a0When clicked on the XML file in the attachment section, the file gets opened in the browser to cause the\u00a0entity loops to slow down the browser.\n\n"}, {"lang": "es", "value": "La aplicaci\u00f3n Create Single Payment de SAP S/4HANA - versiones 100, 101, 102, 103, 104, 105, 106, 107, 108, permite a un atacante cargar el archivo XML como datos adjuntos. Cuando se hace clic en el archivo XML en la secci\u00f3n de datos adjuntos, el archivo se abre en el navegador para hacer que los bucles de entidad ralenticen el navegador."}], "id": "CVE-2023-41369", "lastModified": "2023-09-14T02:11:35.203", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 1.4, "source": "cna@sap.com", "type": "Secondary"}]}, "published": "2023-09-12T02:15:12.983", "references": [{"source": "cna@sap.com", "tags": ["Permissions Required"], "url": "https://me.sap.com/notes/3369680"}, {"source": "cna@sap.com", "tags": ["Vendor Advisory"], "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"}], "sourceIdentifier": "cna@sap.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-611"}], "source": "cna@sap.com", "type": "Primary"}]}