1 results (0.003 seconds)
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2023-32115 – SQL Injection in Master Data Synchronization (MDS COMPARE TOOL)
https://notcve.org/view.php?id=CVE-2023-32115
An attacker can exploit MDS COMPARE TOOL and use specially crafted inputs to read and modify database commands, resulting in the retrieval of additional information persisted by the system. • https://launchpad.support.sap.com/#/notes/1794761 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •