Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-23853

An unauthenticated attacker in AP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, can craft a link which when clicked by an unsuspecting user can be used to redirect a user to a malicious site which could read or modify some sensitive information or expose the victim to a phishing attack. Vulnerability has no direct impact on availability.

Published

2023-02-14T04:15:11.490

Last Modified

2024-11-21T07:46:57.600

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.1 (MEDIUM)

Weaknesses
  • Type: Primary
    CWE-601
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application sap netweaver_application_server_abap 700 Yes
Application sap netweaver_application_server_abap 702 Yes
Application sap netweaver_application_server_abap 731 Yes
Application sap netweaver_application_server_abap 740 Yes
Application sap netweaver_application_server_abap 750 Yes
Application sap netweaver_application_server_abap 751 Yes
Application sap netweaver_application_server_abap 752 Yes
Application sap netweaver_application_server_abap 753 Yes
Application sap netweaver_application_server_abap 754 Yes
Application sap netweaver_application_server_abap 755 Yes
Application sap netweaver_application_server_abap 756 Yes
Application sap netweaver_application_server_abap 757 Yes
Application sap netweaver_application_server_abap 789 Yes
Application sap netweaver_application_server_abap 790 Yes
References