CVSS 3.1 Score 8.6 of 10 (high)


Published Jul 11, 2023
Updated: Jul 18, 2023
CWE ID 444


CVE-2023-33987 is a high-severity vulnerability that affects SAP Web Dispatcher versions WEBDISP 7.49, WEBDISP 7.53, WEBDISP 7.54, WEBDISP 7.77, WEBDISP 7.81, WEBDISP 7.85, WEBDISP 7.88, WEBDISP 7.89, WEBDISP 7.90, KERNEL 7.49, KERNEL 7.53, KERNEL 7.54 KERNEL 7.77, KERNEL 7.81, KERNEL 7.85, KERNEL 7.88, KERNEL 7.89, KERNEL 7.90, KRNL64NUC 7.49, KRNL64UC 7.49, KRNL64UC 7.53, HDB2 .00 , XS_ADVANCED_RUNTIME1 .00 and SAP_EXTENDED_APP_SERVICES1 products under certain conditions of network interaction between front-end and back-end servers may allow an unauthenticated attacker to execute a malicious payload that can read or modify information on the server or temporarily make it unavailable by confusing the boundaries between malicious and legitimate messages in several attempts to exploit this vulnerability on the network level.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-33987 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options