Vulnerability Details CVE-2023-41366
Under certain condition SAP NetWeaver Application Server ABAP - versions KERNEL 722, KERNEL 7.53, KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.54, KERNEL 7.91, KERNEL 7.92, KERNEL 7.93, KERNEL 7.94, KERNEL64UC 7.22, KERNEL64UC 7.22EXT, KERNEL64UC 7.53, KERNEL64NUC 7.22, KERNEL64NUC 7.22EXT, allows an unauthenticated attacker to access the unintended data due to the lack of restrictions applied which may lead to low impact in confidentiality and no impact on the integrity and availability of the application.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.8%
CVSS Severity
CVSS v3 Score 5.3
References
Products affected by CVE-2023-41366
-
cpe:2.3:a:sap:netweaver_application_server_abap:kernel64nuc_7.22
-
cpe:2.3:a:sap:netweaver_application_server_abap:kernel64nuc_7.22ext
-
cpe:2.3:a:sap:netweaver_application_server_abap:kernel64uc_7.22
-
cpe:2.3:a:sap:netweaver_application_server_abap:kernel64uc_7.22ext
-
cpe:2.3:a:sap:netweaver_application_server_abap:kernel64uc_7.53
-
cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.22
-
cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.53
-
cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.54
-
cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.77
-
cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.85
-
cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.89
-
cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.91
-
cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.92
-
cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.93
-
cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.94