Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.1
CVSSv3

CVE-2023-0021

Published: 14/03/2023 Updated: 07/11/2023
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Sap

Vulnerability Summary

Due to insufficient encoding of user input, SAP NetWeaver - versions 700, 701, 702, 731, 740, 750, allows an unauthenticated malicious user to inject code that may expose sensitive data like user ID and password, which could lead to reflected Cross-Site scripting. These endpoints are normally exposed over the network and successful exploitation can partially impact confidentiality of the application.

Vulnerable Product Search on Vulmon Subscribe to Product

sap netweaver 701

sap netweaver 702

sap netweaver 700

sap netweaver 731

sap netweaver 740

sap netweaver 750

References

CWE-79https://launchpad.support.sap.com/#/notes/3274920https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.htmlhttps://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAPCVE-2024-4367server-side request forgeryinformation disclosureCVE-2024-34342CVE-2024-4281CVE-2024-3507CVE-2024-25560CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook