CVE-2023-24528
published 2023-02-14CVE-2023-24528: SAP Fiori apps for Travel Management in SAP ERP (My Travel Requests) - version 600, allows an authenticated attacker to exploit a certain misconfigured…
medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
SAP Fiori apps for Travel Management in SAP ERP (My Travel Requests) - version 600, allows an authenticated attacker to exploit a certain misconfigured application endpoint to view sensitive data. This endpoint is normally exposed over the network and successful exploitation can lead to exposure of data like travel documents.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | fiori | — | — |
| sap | fiori_apps_1.0_for_travel_management_in_sap_erp | — | — |