CVE-2023-50424

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 12, 2023

Updated: Dec 15, 2023

CWE ID 269

Summary

CVE-2023-50424 is a privilege escalation vulnerability affecting the SAP BTP Security Services Integration Library, specifically the Golang version (github.com/sap/cloud-security-client-go), prior to 0.17.0. Under certain conditions, this flaw enables unauthenticated attackers to gain arbitrary permissions within the application. Successful exploitation can result in significant security implications.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

SAP SE

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tv_4k_
https://www.cve.org/CVERecord?id=CVE-2023-50424
https://nvd.nist.gov/vuln/detail/CVE-2023-50424

Back to Vulnerability Database

CVE-2023-50424

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations