CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-42480

The unauthenticated attacker in NetWeaver AS Java Logon application - version 7.50, can brute force the login functionality to identify the legitimate user ids. This will have an impact on confidentiality but there is no other impact on integrity or availability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.3%

CVSS Severity

CVSS v3 Score 5.3

References

https://me.sap.com/notes/3366410
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
https://me.sap.com/notes/3366410
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

Products affected by CVE-2023-42480

Sap » Netweaver Application Server Java » Version: 7.50

cpe:2.3:a:sap:netweaver_application_server_java:7.50

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-42480

Products

Pricing

Contact Us