SAP NetWeaver Application Server ABAP and ABAP Platform - version KRNL64NUC, 7.22, KRNL64NUC 7.22EXT, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KERNEL 7.22, KERNEL, 7.53, KERNEL 7.77, KERNEL 7.81, KERNEL 7.85, KERNEL 7.89, KERNEL 7.54, KERNEL 7.92, KERNEL 7.93, under some conditions, performs improper authentication checks for functionalities that require user identity. An attacker can perform malicious actions over the network, extending the scope of impact, causing a limited impact on confidentiality, integrity and availability.
Metrics
Affected Vendors & Products
References
History
Wed, 23 Oct 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Sat, 28 Sep 2024 22:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-287 |
Sat, 28 Sep 2024 22:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | SAP NetWeaver Application Server ABAP and ABAP Platform - version KRNL64NUC, 7.22, KRNL64NUC 7.22EXT, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KERNEL 7.22, KERNEL, 7.53, KERNEL 7.77, KERNEL 7.81, KERNEL 7.85, KERNEL 7.89, KERNEL 7.54, KERNEL 7.92, KERNEL 7.93, under some conditions, performs improper authentication checks for functionalities that require user identity. An attacker can perform malicious actions over the network, extending the scope of impact, causing a limited impact on confidentiality, integrity and availability. | SAP NetWeaver Application Server ABAP and ABAP Platform - version KRNL64NUC, 7.22, KRNL64NUC 7.22EXT, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KERNEL 7.22, KERNEL, 7.53, KERNEL 7.77, KERNEL 7.81, KERNEL 7.85, KERNEL 7.89, KERNEL 7.54, KERNEL 7.92, KERNEL 7.93, under some conditions, performs improper authentication checks for functionalities that require user identity. An attacker can perform malicious actions over the network, extending the scope of impact, causing a limited impact on confidentiality, integrity and availability. |
Weaknesses | CWE-306 |
MITRE
Status: PUBLISHED
Assigner: sap
Published: 2023-07-11T02:47:11.869Z
Updated: 2024-10-23T16:26:07.026Z
Reserved: 2023-06-19T10:27:44.580Z
Link: CVE-2023-35874
Vulnrichment
Updated: 2024-08-02T16:30:45.380Z
NVD
Status : Modified
Published: 2023-07-11T03:15:10.050
Modified: 2024-11-21T08:08:53.180
Link: CVE-2023-35874
Redhat
No data.