While using a specific function, SAP ERP Defense Forces and Public Security - versions 600, 603, 604, 605, 616, 617, 618, 802, 803, 804, 805, 806, 807, allows an authenticated attacker with admin privileges to write arbitrary data to the syslog file. On successful exploitation, an attacker could modify all the syslog data causing a complete compromise of integrity of the application.
History

Wed, 23 Oct 2024 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: sap

Published: 2023-07-11T02:57:27.493Z

Updated: 2024-10-23T16:21:35.645Z

Reserved: 2023-06-27T21:23:26.300Z

Link: CVE-2023-36924

cve-icon Vulnrichment

Updated: 2024-08-02T17:01:10.031Z

cve-icon NVD

Status : Modified

Published: 2023-07-11T03:15:10.417

Modified: 2024-11-21T08:10:56.230

Link: CVE-2023-36924

cve-icon Redhat

No data.