CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2023-36925 – Unauthenticated blind SSRF in SAP Solution Manager (Diagnostics agent)
https://notcve.org/view.php?id=CVE-2023-36925
11 Jul 2023 — SAP Solution Manager (Diagnostics agent) - version 7.20, allows an unauthenticated attacker to blindly execute HTTP requests. On successful exploitation, the attacker can cause a limited impact on confidentiality and availability of the application and other applications the Diagnostics Agent can reach. • https://me.sap.com/notes/3352058 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 6.1EPSS: 0%CPEs: 13EXPL: 0CVE-2023-36924 – Log Injection vulnerability in SAP ERP Defense Forces and Public Security
https://notcve.org/view.php?id=CVE-2023-36924
11 Jul 2023 — While using a specific function, SAP ERP Defense Forces and Public Security - versions 600, 603, 604, 605, 616, 617, 618, 802, 803, 804, 805, 806, 807, allows an authenticated attacker with admin privileges to write arbitrary data to the syslog file. On successful exploitation, an attacker could modify all the syslog data causing a complete compromise of integrity of the application. • https://me.sap.com/notes/3351410 • CWE-117: Improper Output Neutralization for Logs •
CVSS: 9.1EPSS: 0%CPEs: 15EXPL: 0CVE-2023-36922 – OS command injection vulnerability in SAP ECC and SAP S/4HANA (IS-OIL)
https://notcve.org/view.php?id=CVE-2023-36922
11 Jul 2023 — Due to programming error in function module and report, IS-OIL component in SAP ECC and SAP S/4HANA allows an authenticated attacker to inject an arbitrary operating system command into an unprotected parameter in a common (default) extension. On successful exploitation, the attacker can read or modify the system data as well as shut down the system. • https://me.sap.com/notes/3350297 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2023-36921 – Header Injection in SAP Solution Manager (Diagnostic Agent)
https://notcve.org/view.php?id=CVE-2023-36921
11 Jul 2023 — SAP Solution Manager (Diagnostics agent) - version 7.20, allows an attacker to tamper with headers in a client request. This misleads SAP Diagnostics Agent to serve poisoned content to the server. On successful exploitation, the attacker can cause a limited impact on confidentiality and availability of the application. • https://me.sap.com/notes/3348145 • CWE-116: Improper Encoding or Escaping of Output CWE-644: Improper Neutralization of HTTP Headers for Scripting Syntax •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-36919 – Information Disclosure in SAP Enable Now
https://notcve.org/view.php?id=CVE-2023-36919
11 Jul 2023 — In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the Referrer-Policy response header is not implemented, allowing an unauthenticated attacker to obtain referrer details, resulting in information disclosure. • https://launchpad.support.sap.com/#/notes/3326769 • CWE-116: Improper Encoding or Escaping of Output CWE-213: Exposure of Sensitive Information Due to Incompatible Policies CWE-644: Improper Neutralization of HTTP Headers for Scripting Syntax •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-36918 – Cross-Site Scripting vulnerability in SAP Enable Now
https://notcve.org/view.php?id=CVE-2023-36918
11 Jul 2023 — In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the X-Content-Type-Options response header is not implemented, allowing an unauthenticated attacker to trigger MIME type sniffing, which leads to Cross-Site Scripting, which could result in disclosure or modification of information. • https://launchpad.support.sap.com/#/notes/3326769 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-36917 – Password Change rate limit bypass in SAP BusinessObjects Business Intelligence Platform
https://notcve.org/view.php?id=CVE-2023-36917
11 Jul 2023 — SAP BusinessObjects Business Intelligence Platform - version 420, 430, allows an unauthorized attacker who had hijacked a user session, to be able to bypass the victim’s old password via brute force, due to unrestricted rate limit for password change functionality. Although the attack has no impact on integrity loss or system availability, this could lead to an attacker to completely takeover a victim’s account. • https://me.sap.com/notes/3320702 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 7.4EPSS: 0%CPEs: 14EXPL: 0CVE-2023-35874 – Improper authentication vulnerability in SAP NetWeaver AS ABAP and ABAP Platform
https://notcve.org/view.php?id=CVE-2023-35874
11 Jul 2023 — SAP NetWeaver Application Server ABAP and ABAP Platform - version KRNL64NUC, 7.22, KRNL64NUC 7.22EXT, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KERNEL 7.22, KERNEL, 7.53, KERNEL 7.77, KERNEL 7.81, KERNEL 7.85, KERNEL 7.89, KERNEL 7.54, KERNEL 7.92, KERNEL 7.93, under some conditions, performs improper authentication checks for functionalities that require user identity. An attacker can perform malicious actions over the network, extending the scope of impact, causing a limited impact on confidentialit... • https://me.sap.com/notes/3318850 • CWE-287: Improper Authentication CWE-306: Missing Authentication for Critical Function •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-35873 – Missing Authentication check in SAP NetWeaver Process Integration (Runtime Workbench)
https://notcve.org/view.php?id=CVE-2023-35873
11 Jul 2023 — The Runtime Workbench (RWB) of SAP NetWeaver Process Integration - version SAP_XITOOL 7.50, does not perform authentication checks for certain functionalities that require user identity. An unauthenticated user might access technical data about the product status and its configuration. The vulnerability does not allow access to sensitive information or administrative functionalities. On successful exploitation an attacker can cause limited impact on confidentiality and availability of the application. The R... • https://me.sap.com/notes/3343547 • CWE-306: Missing Authentication for Critical Function •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-35872 – Missing Authentication check in SAP NetWeaver Process Integration (Message Display Tool)
https://notcve.org/view.php?id=CVE-2023-35872
11 Jul 2023 — The Message Display Tool (MDT) of SAP NetWeaver Process Integration - version SAP_XIAF 7.50, does not perform authentication checks for certain functionalities that require user identity. An unauthenticated user might access technical data about the product status and its configuration. The vulnerability does not allow access to sensitive information or administrative functionalities. On successful exploitation an attacker can cause limited impact on confidentiality and availability of the application. The ... • https://me.sap.com/notes/3343564 • CWE-306: Missing Authentication for Critical Function •