CVE-2023-29108

CWE-9233 documents3 sources
Severity
5.3MEDIUM
EPSS
0.3%
top 49.60%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
SAP Abap Platform AND SAP WEB DispatcherSAP Abap Platform KernelSAP WEB Dispatcher
Timeline
PublishedApr 11

Description

The IP filter in ABAP Platform and SAP Web Dispatcher - versions WEBDISP 7.85, 7.89, KERNEL 7.85, 7.89, 7.91, may be vulnerable by erroneous IP netmask handling. This may enable access to backend applications from unwanted sources.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:NExploitability: 3.1 | Impact: 1.4

Affected Packages3 packages

NVDsap/abap_platform_kernel7.85, 7.89, 7.91+2
NVDsap/web_dispatcher7.85, 7.89+1

🔴Vulnerability Details

2
GHSA
GHSA-9mr4-44xj-v8rg: The IP filter in ABAP Platform and SAP Web Dispatcher - versions WEBDISP 72023-04-11
CVEList
IP filter vulnerability in ABAP Platform and SAP Web Dispatcher2023-04-11
CVE-2023-29108 (MEDIUM CVSS 5.3) | The IP filter in ABAP Platform and | cvebase.io