While using a specific function, SAP ERP Defense Forces and Public Security - versions 600, 603, 604, 605, 616, 617, 618, 802, 803, 804, 805, 806, 807, allows an authenticated attacker with admin privileges to write arbitrary data to the syslog file. On successful exploitation, an attacker could modify all the syslog data causing a complete compromise of integrity of the application.
Metrics
Affected Vendors & Products
References
History
Wed, 23 Oct 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: sap
Published: 2023-07-11T02:57:27.493Z
Updated: 2024-10-23T16:21:35.645Z
Reserved: 2023-06-27T21:23:26.300Z
Link: CVE-2023-36924
Vulnrichment
Updated: 2024-08-02T17:01:10.031Z
NVD
Status : Modified
Published: 2023-07-11T03:15:10.417
Modified: 2024-11-21T08:10:56.230
Link: CVE-2023-36924
Redhat
No data.