CVE-2023-37491

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 8, 2023

Updated: Aug 9, 2023

CWE ID 285

Summary

CVE-2023-37491 is a vulnerability affecting various versions of SAP Message Server, including KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, RNL64UC 7.22, RNL64UC 7.22EXT, RNL64UC 7.53, KRNL64NUC 7.22, and KRNL64NUC 7.22EXT. An authenticated attacker can exploit this issue by bypassing the Access Control List (ACL), allowing unauthorized access to the network of the affected SAP systems. The consequences of this vulnerability include unauthorized read and write access to data and potential system unavailability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

SAP SE

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r5d50B
https://www.cve.org/CVERecord?id=CVE-2023-37491
https://nvd.nist.gov/vuln/detail/CVE-2023-37491

Back to Vulnerability Database

CVE-2023-37491

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations