Vulnerabilities > CVE-2023-42477 - Server-Side Request Forgery (SSRF) vulnerability in SAP Netweaver Application Server Java 7.50

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
NONE
network
low complexity
sap
CWE-918

Summary

SAP NetWeaver AS Java (GRMG Heartbeat application) - version 7.50, allows an attacker to send a crafted request from a vulnerable web application, causing limited impact on confidentiality and integrity of the application.

Vulnerable Configurations

Part Description Count
Application
Sap
1

Common Weakness Enumeration (CWE)