CVE-2023-42477

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Oct 10, 2023

Updated: Oct 16, 2023

CWE ID 918

Summary

CVE-2023-42477 is a vulnerability affecting the SAP NetWeaver AS Java GRMG Heartbeat application, version 7.50. An attacker can exploit this issue by sending a specially crafted request through a vulnerable web application. The impact of this vulnerability is limited, affecting only the confidentiality and integrity of the application. No direct data leakage or system compromise is reported. It's essential for organizations using this version to apply the available patch as soon as possible to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

SAP Net Weaver

Affected Vendors

SAP SE

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sprlfz
https://www.cve.org/CVERecord?id=CVE-2023-42477
https://nvd.nist.gov/vuln/detail/CVE-2023-42477

Back to Vulnerability Database