CVE-2023-41367

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Sep 12, 2023

Updated: Sep 13, 2023

CWE ID 306

Summary

CVE-2023-41367 is a vulnerability affecting SAP NetWeaver (Guided Procedures) version 7.50. An attacker can bypass authentication checks in the webdynpro application, granting unauthorized access to the admin view of a specific function. Successful exploitation of this issue allows the attacker to view the email address of the user. However, there is no reported impact on data integrity or availability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

SAP Net Weaver

Affected Vendors

SAP SE

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sfees8
https://www.cve.org/CVERecord?id=CVE-2023-41367
https://nvd.nist.gov/vuln/detail/CVE-2023-41367

Back to Vulnerability Database