Under certain condition SAP NetWeaver Application Server ABAP - versions KERNEL 722, KERNEL 7.53, KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.54, KERNEL 7.91, KERNEL 7.92, KERNEL 7.93, KERNEL 7.94, KERNEL64UC 7.22, KERNEL64UC 7.22EXT, KERNEL64UC 7.53, KERNEL64NUC 7.22, KERNEL64NUC 7.22EXT, allows an unauthenticated attacker to access the unintended data due to the lack of restrictions applied which may lead to low impact in confidentiality and no impact on the integrity and availability of the application.
                
            References
                    | Link | Resource | 
|---|---|
| https://me.sap.com/notes/3362849 | Permissions Required | 
| https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory | 
| https://me.sap.com/notes/3362849 | Permissions Required | 
| https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory | 
Configurations
                    Configuration 1 (hide)
| 
 | 
History
                    No history.
Information
                Published : 2023-11-14 01:15
Updated : 2024-11-21 08:21
NVD link : CVE-2023-41366
Mitre link : CVE-2023-41366
CVE.ORG link : CVE-2023-41366
JSON object : View
Products Affected
                sap
- netweaver_application_server_abap
CWE
                
                    
                        
                        CWE-497
                        
            Exposure of Sensitive System Information to an Unauthorized Control Sphere
