CVE-2023-41369
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Published Sep 12, 2023
Updated: Sep 14, 2023
CWE ID 611
Summary
CVE-2023-41369 is a vulnerability affecting the Create Single Payment application in various versions of SAP S/4HANA (100, 101, 102, 103, 104, 105, 106, 107, 108). An attacker can exploit this issue by uploading a malicious XML file as an attachment. Upon opening the file in the browser, the entity loops are triggered, leading to a significant slowdown in browser performance.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- SAP S/4HANA
Affected Vendors
- SAP SE