CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-26461

SAP NetWeaver allows (SAP Enterprise Portal) - version 7.50, allows an authenticated attacker with sufficient privileges to access the XML parser which can submit a crafted XML file which when parsed will enable them to access but not modify sensitive files and data. It allows the attacker to view sensitive data which is owned by certain privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.7%

CVSS Severity

CVSS v3 Score 6.8

References

https://launchpad.support.sap.com/#/notes/3284550
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
https://launchpad.support.sap.com/#/notes/3284550
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

Products affected by CVE-2023-26461

Sap » Netweaver Enterprise Portal » Version: 7.50

cpe:2.3:a:sap:netweaver_enterprise_portal:7.50

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-26461

Products

Pricing

Contact Us