CVE-2023-31405
published 2023-07-11CVE-2023-31405: SAP NetWeaver AS for Java - versions ENGINEAPI 7.50, SERVERCORE 7.50, J2EE-APPS 7.50, allows an unauthenticated attacker to craft a request over the network…
medium5.3CVSS 3.1
AVNACLPRNUINSUCNILAN
SAP NetWeaver AS for Java - versions ENGINEAPI 7.50, SERVERCORE 7.50, J2EE-APPS 7.50, allows an unauthenticated attacker to craft a request over the network which can result in unwarranted modifications to a system log without user interaction. There is no ability to view any information or any effect on availability.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | netweaver_application_server_for_java | — | — |
| sap_se | sap_netweaver_as_for_java | — | — |
| sap_se | sap_netweaver_as_for_java | — | — |
| sap_se | sap_netweaver_as_for_java | — | — |