Vulnerabilities > CVE-2023-50424 - Unspecified vulnerability in SAP Cloud-Security-Client-Go

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
sap
critical
NVD
Published: 2023-12-12
Updated: 2024-11-21

Summary

SAP BTP Security Services Integration Library ([Golang] github.com/sap/cloud-security-client-go) - versions < 0.17.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application.

Vulnerable Configurations

Part Description Count
Application
Sap
35

References