CVE-2023-49587

CWE-77Command Injection3 documents3 sources
Severity
6.4MEDIUM
EPSS
0.1%
top 70.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SAP SE SAP Solution ManagerSAP Solution Manager
Timeline
PublishedDec 12

Description

SAP Solution Manager - version 720, allows an authorized attacker to execute certain deprecated function modules which can read or modify data of same or other component without user interaction over the network.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:NExploitability: 3.1 | Impact: 2.7

Affected Packages2 packages

🔴Vulnerability Details

2
CVEList
Command Injection vulnerability in SAP Solution Manager2023-12-12
GHSA
GHSA-v5mv-c475-q786: SAP Solution Manager - version 720, allows an authorized attacker to execute certain deprecated function modules which can read or modify data of same2023-12-12
CVE-2023-49587 (MEDIUM CVSS 6.4) | SAP Solution Manager - version 720 | cvebase.io