CVE-2023-37491 — Vulnetix

CVE-2023-37491 PUBLISHED

In SAP Software existieren mehrere Schwachstellen. Diese bestehen in den Komponenten SAP PowerDesigner, B1i module of SAP Business One, SAP ECC, SAP S4/HANA, SAP Commerce Cloud, SAP Netweaver, SAP Business One, SAP BusinessObjects Business Intelligence Platform, SAP Message Server, SRM, SAP NetWeaver Process Integration, SAP Commerce (OCC API), SAP Supplier Relationship Management, SAP NetWeaver AS ABAP and ABAP Platform sowie SAP Host Agent. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.

EPSS 0.04% · 12.9th percentile

Risk Scores

EPSS Score

0.04%

12.9th percentile

Affected Products

Vendor	Product	Versions
SAP	SAP Software

Timeline

Aug 7, 2023 CVE Published
Aug 8, 2023 EPSS Score
Sep 10, 2023 EPSS Score
Oct 13, 2023 EPSS Score
Nov 15, 2023 EPSS Score
Dec 18, 2023 EPSS Score
Jan 20, 2024 EPSS Score
Feb 22, 2024 EPSS Score
Mar 26, 2024 EPSS Score
Apr 29, 2024 EPSS Score
Jun 1, 2024 EPSS Score
Jul 4, 2024 EPSS Score

References

Open in Interactive Console →