Information Disclosure vulnerability in SAP NetWeaver Application Server ABAP and ABAP Platform
CVE-2023-41366
5.3MEDIUM
Key Information:
- Vendor
SAP
- Vendor
- CVE Published:
- 14 November 2023
What is CVE-2023-41366?
Under certain condition SAP NetWeaver Application Server ABAP - versions KERNEL 722, KERNEL 7.53, KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.54, KERNEL 7.91, KERNEL 7.92, KERNEL 7.93, KERNEL 7.94, KERNEL64UC 7.22, KERNEL64UC 7.22EXT, KERNEL64UC 7.53, KERNEL64NUC 7.22, KERNEL64NUC 7.22EXT, allows an unauthenticated attacker to access the unintended data due to the lack of restrictions applied which may lead to low impact in confidentiality and no impact on the integrity and availability of the application.
Affected Version(s)
SAP NetWeaver Application Server ABAP and ABAP Platform KERNEL 722
SAP NetWeaver Application Server ABAP and ABAP Platform KERNEL 7.53
SAP NetWeaver Application Server ABAP and ABAP Platform KERNEL 7.77