Memory Corruption vulnerability in SAP PowerDesigner (Proxy)
CVE-2023-32111

7.5HIGH

Key Information:

Vendor: SAP
Status: SAP Powerdesigner (proxy)
Vendor: CVE Published:; 9 May 2023

What is CVE-2023-32111?

In SAP PowerDesigner Proxy version 16.7, malicious actors can exploit a flaw in memory management by sending specially crafted requests from a remote location. This exploit can cause the proxy server to crash, severely disrupting the availability of the application and impacting business operations reliant on SAP PowerDesigner. It is crucial for users to assess their systems and implement necessary security measures to mitigate this vulnerability.

Affected Version(s)

SAP PowerDesigner (Proxy) 16.7

References

https://launchpad.support.sap.com/#/notes/3300624

https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 9, 2023
Vulnerability Reserved
May 3, 2023