Vulnerabilities > CVE-2023-29189 - Unspecified vulnerability in SAP products

CVSS 5.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

sap

NVD

Published: 2023-04-11

Updated: 2023-04-18

Summary

SAP CRM (WebClient UI) - versions S4FND 102, 103, 104, 105, 106, 107, WEBCUIF, 700, 701, 731, 730, 746, 747, 748, 800, 801, allows an authenticated attacker to modify HTTP verbs used in requests to the web server. This application is exposed over the network and successful exploitation can lead to exposure of form fields

Vulnerable Configurations

Part	Description	Count
Application	Sap SAP Customer Relationship Management Webclient UI 700 SAP Customer Relationship Management Webclient UI 731 SAP Customer Relationship Management Webclient UI 730 SAP Customer Relationship Management Webclient UI 746 SAP Customer Relationship Management Webclient UI 747 SAP Customer Relationship Management Webclient UI 748 SAP Customer Relationship Management Webclient UI 800 SAP Customer Relationship Management Webclient UI 801 SAP Customer Relationship Management Webclient UI 701 SAP Customer Relationship Management S4Fnd 103 SAP Customer Relationship Management S4Fnd 104 SAP Customer Relationship Management S4Fnd 105 SAP Customer Relationship Management S4Fnd 102	13

Summary

Vulnerable Configurations

References