Vulnerabilities > CVE-2023-31405 - Unspecified vulnerability in SAP Netweaver Application Server for Java 7.50

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

network

low complexity

sap

NVD

Published: 2023-07-11

Updated: 2024-11-21

Summary

SAP NetWeaver AS for Java - versions ENGINEAPI 7.50, SERVERCORE 7.50, J2EE-APPS 7.50, allows an unauthenticated attacker to craft a request over the network which can result in unwarranted modifications to a system log without user interaction. There is no ability to view any information or any effect on availability.

Vulnerable Configurations

Part	Description	Count
Application	Sap SAP Netweaver Application Server FOR Java 7.50	1

References

https://me.sap.com/notes/3324732
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
https://me.sap.com/notes/3324732
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html