SAP GUI for Windows and SAP GUI for Java allow an unauthenticated attacker to access information which would otherwise be restricted and confidential. In addition, this vulnerability allows the unauthenticated attacker to write data to a database table. By doing so the attacker could increase response times of the AS ABAP, leading to mild impact on availability.
References
Link | Resource |
---|---|
https://me.sap.com/notes/3392547 | Permissions Required Vendor Advisory |
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: sap
Published: 2023-12-12T01:10:14.702Z
Updated: 2024-01-16T13:56:46.654Z
Reserved: 2023-11-27T18:07:40.886Z
Link: CVE-2023-49581
JSON object: View
NVD Information
Status : Modified
Published: 2023-12-12T02:15:07.710
Modified: 2024-01-16T14:15:48.123
Link: CVE-2023-49581
JSON object: View
Redhat Information
No data.
CWE