CVE-2023-23860
Gravedad CVSS v3.1:
MEDIA
Tipo:
CWE-601
Redireccionamiento de URL a sitio no confiable (Open Redirect)
Fecha de publicación:
14/02/2023
Última modificación:
11/04/2023
Descripción
*** Pendiente de traducción *** SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated attacker to craft a link, which when clicked by an unsuspecting user can be used to redirect a user to a malicious site which could read or modify some sensitive information or expose the victim to a phishing attack.<br />
<br />
Impacto
Puntuación base 3.x
6.10
Gravedad 3.x
MEDIA
Productos y versiones vulnerables
| CPE | Desde | Hasta |
|---|---|---|
| cpe:2.3:a:sap:netweaver_application_server_abap:740:*:*:*:*:*:*:* | ||
| cpe:2.3:a:sap:netweaver_application_server_abap:750:*:*:*:*:*:*:* | ||
| cpe:2.3:a:sap:netweaver_application_server_abap:751:*:*:*:*:*:*:* | ||
| cpe:2.3:a:sap:netweaver_application_server_abap:752:*:*:*:*:*:*:* | ||
| cpe:2.3:a:sap:netweaver_application_server_abap:753:*:*:*:*:*:*:* | ||
| cpe:2.3:a:sap:netweaver_application_server_abap:754:*:*:*:*:*:*:* | ||
| cpe:2.3:a:sap:netweaver_application_server_abap:755:*:*:*:*:*:*:* | ||
| cpe:2.3:a:sap:netweaver_application_server_abap:756:*:*:*:*:*:*:* | ||
| cpe:2.3:a:sap:netweaver_application_server_abap:757:*:*:*:*:*:*:* | ||
| cpe:2.3:a:sap:netweaver_application_server_abap:789:*:*:*:*:*:*:* | ||
| cpe:2.3:a:sap:netweaver_application_server_abap:790:*:*:*:*:*:*:* |
Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página