Vulnerabilities > CVE-2023-40624 - Unspecified vulnerability in SAP Netweaver Application Server Abap

CVSS 5.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

sap

NVD

Published: 2023-09-12

Updated: 2024-11-21

Summary

SAP NetWeaver AS ABAP (applications based on Unified Rendering) - versions SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, SAP_UI 758, SAP_BASIS 702, SAP_BASIS 731, allows an attacker to inject JavaScript code that can be executed in the web-application. An attacker could thereby control the behavior of this web-application.

Vulnerable Configurations

Part	Description	Count
Application	Sap SAP Netweaver Application Server Abap 702 SAP Netweaver Application Server Abap 754 SAP Netweaver Application Server Abap 755 SAP Netweaver Application Server Abap 731 SAP Netweaver Application Server Abap 756 SAP Netweaver Application Server Abap 757 SAP Netweaver Application Server Abap 758	7

Summary

Vulnerable Configurations

References