Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-39436

SAP Supplier Relationship Management -versions 600, 602, 603, 604, 605, 606, 616, 617, allows an unauthorized attacker to discover information relating to SRM within Vendor Master Data for Business Partners replication functionality.This information could be used to allow the attacker to specialize their attacks against SRM.

Published

2023-08-08T01:15:19.150

Last Modified

2024-11-21T08:15:25.353

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.8 (MEDIUM)

Weaknesses

Type: Primary
CWE-306

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	sap	supplier_relationship_management	600	Yes
Application	sap	supplier_relationship_management	602	Yes
Application	sap	supplier_relationship_management	603	Yes
Application	sap	supplier_relationship_management	604	Yes
Application	sap	supplier_relationship_management	605	Yes
Application	sap	supplier_relationship_management	606	Yes
Application	sap	supplier_relationship_management	616	Yes
Application	sap	supplier_relationship_management	617	Yes

References

https://me.sap.com/notes/2067220 Permissions Required ([email protected])
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html Vendor Advisory ([email protected])
https://me.sap.com/notes/2067220 Permissions Required (af854a3a-2127-422b-91ae-364da2661108)
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)