CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-27895

SAP Authenticator for Android - version 1.3.0, allows the screen to be captured, if an authorized attacker installs a malicious app on the mobile device. The attacker could extract the currently views of the OTP and the secret OTP alphanumeric token during the token setup. On successful exploitation, an attacker can read some sensitive information but cannot modify and delete the data.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 37.5%

CVSS Severity

CVSS v3 Score 6.1

References

https://launchpad.support.sap.com/#/notes/3302710
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
https://launchpad.support.sap.com/#/notes/3302710
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

Products affected by CVE-2023-27895

Sap » Authenticator » Version: 1.3.0

cpe:2.3:a:sap:authenticator:1.3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-27895

Products

Pricing

Contact Us