Lucene search
HistoryMar 14, 2023 - 5:15 a.m.
CVE-2023-26460
cve-2023-26460
cache management service
sap
netweaver
application server
java
version 7.50
authentication
vulnerability
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
0.001 Low
EPSS
Percentile
30.0%
Cache Management Service in SAP NetWeaver Application Server for Java - version 7.50, does not perform any authentication checks for functionalities that require user identity
Affected configurations
Node
sapnetweaver_application_server_for_javaMatch7.50
| CPE | Name | Operator | Version |
|---|---|---|---|
| sap:netweaver_application_server_for_java | sap netweaver application server for java | eq | 7.50 |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "NetWeaver AS for Java",
"vendor": "SAP",
"versions": [
{
"status": "affected",
"version": "7.50"
}
]
}
]Related
cvelist
cvelist
cnvd
cnvd
SAP NetWeaver Application Server Access Control Error Vulnerability
2023-04-17 00:00:00
prion
prion
Authentication flaw
2023-03-14 05:15:00
nvd
nvd
CVE-2023-26460
2023-03-14 05:15:30
nessus
nessus
SAP NetWeaver AS Java Multiple Vulnerabilities (March 2023)
2023-03-16 00:00:00
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
0.001 Low
EPSS
Percentile
30.0%
Related for CVE-2023-26460