CVE-2023-0014
Published Jan 10, 2023
Last updated a year ago
Overview
- Description
- SAP NetWeaver ABAP Server and ABAP Platform - versions SAP_BASIS 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, KERNEL 7.22, 7.53, 7.77, 7.81, 7.85, 7.89, KRNL64UC 7.22, 7.22EXT, 7.53, KRNL64NUC 7.22, 7.22EXT, creates information about system identity in an ambiguous format. This could lead to capture-replay vulnerability and may be exploited by malicious users to obtain illegitimate access to the system.
- Source
- cna@sap.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Weaknesses
- cna@sap.com
- CWE-294
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:700:*:*:*:sap_basis:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6F048ED9-2DDF-4EB9-8571-73832AFABF6A"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:701:*:*:*:sap_basis:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C37DC475-6B9A-493C-9A6F-28CDD65D2A5B"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:702:*:*:*:sap_basis:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2BD9FE51-F76C-439A-A3C0-5279EC1059F7"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:710:*:*:*:sap_basis:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9A8726A6-2AC2-4282-951F-A71AD03572F0"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:711:*:*:*:sap_basis:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6E783E21-1F2A-44A2-BE1C-770370A6739B"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:730:*:*:*:sap_basis:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1E8E6E23-EA96-45D5-BC81-3E5990701AD4"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:731:*:*:*:sap_basis:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4EB54432-0E1A-45F2-BEE1-8DC28FAADA9F"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:740:*:*:*:sap_basis:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8E96C58C-ED44-487B-A67E-FDAE3C29023A"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:750:*:*:*:sap_basis:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A14DF5EB-B8CE-4A47-9959-2F65A5DCEF5F"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:751:*:*:*:sap_basis:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3E0CA53D-4335-4872-B527-30802E31B893"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:752:*:*:*:sap_basis:*:*:*",
"vulnerable": true,
"matchCriteriaId": "419BA423-0803-4F51-8889-014A521F02CE"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:753:*:*:*:sap_basis:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DA20ECDC-8807-462C-A0F0-70DF6F5A119B"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:754:*:*:*:sap_basis:*:*:*",
"vulnerable": true,
"matchCriteriaId": "800AAC21-325C-4F16-AE5A-9F89327E5356"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:755:*:*:*:sap_basis:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BDC15DB7-A95B-475F-AAA6-60A801F65690"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:756:*:*:*:sap_basis:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55A2FECF-A32E-4188-9563-E8BA0E952261"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:757:*:*:*:sap_basis:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9CBF2E53-17F0-4BF0-9C38-749C7E611BF4"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap_kernel:7.22:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A145BFD2-92C8-46B1-8F72-53F6C37018C2"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap_kernel:7.53:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1A5F121E-49BF-4F08-8623-79DDE0A37B63"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap_kernel:7.77:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2BF066A7-91C2-4B36-9A1B-80B1BC8A3E8D"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap_kernel:7.81:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A677338F-5955-435C-91FD-CC5C1A387024"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap_kernel:7.85:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A13006BE-0874-48D6-B8F6-47A117A2AE29"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap_kernel:7.89:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "65C7E312-AC74-4997-995F-74AB2E53B24B"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap_krnl64nuc:7.22:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6A4DCE73-B47A-4FDA-A96D-C251891C8E07"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap_krnl64nuc:7.22ext:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9AC795F5-1AE7-4B4C-B1DD-DEF46BB4122F"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap_krnl64uc:7.22:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "14757DC0-6CAC-4082-B726-719098C2216C"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap_krnl64uc:7.22ext:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D24E493-7256-4881-9761-D84918EC1D78"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap_krnl64uc:7.53:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C060979B-38D0-40FD-B1A1-571F5F7C5E8D"
}
],
"operator": "OR"
}
]
}
]