CVE-2023-37483

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 8, 2023

Updated: Aug 9, 2023

CWE ID 284

Summary

CVE-2023-37483 is a vulnerability affecting SAP PowerDesigner version 16.7. This issue involves improper access control, allowing unauthenticated attackers to execute arbitrary queries against the back-end database through a proxy. Successful exploitation could lead to unauthorized data access or manipulation. Organizations using this version of SAP PowerDesigner are advised to apply the necessary patches to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

PowerDesigner

Affected Vendors

SAP SE

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sQjF2f
https://www.cve.org/CVERecord?id=CVE-2023-37483
https://nvd.nist.gov/vuln/detail/CVE-2023-37483

Back to Vulnerability Database