Lucene search
SapCVELIST:CVE-2023-0016HistoryJan 10, 2023 - 3:13 a.m.
CVE-2023-0016 SQL Injection vulnerability in SAP Business Planning and Consolidation MS
2023-01-1003:13:29
CWE-89
sap
www.cve.org
4
cve-2023-0016
sap
sql injection
CVSS3
9.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS
0.001
Percentile
36.9%
SAP BPC MS 10.0 - version 810, allows an unauthorized attacker to execute crafted database queries. The exploitation of this issue could lead to SQL injection vulnerability and could allow an attacker to access, modify, and/or delete data from the backend database.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "SAP BPC MS 10.0",
"vendor": "SAP",
"versions": [
{
"status": "affected",
"version": "800"
},
{
"status": "affected",
"version": "810"
}
]
}
]Related
prion
prion
Sql injection
2023-01-10 04:15:00
nvd
nvd
CVE-2023-0016
2023-01-10 04:15:09
cnvd
cnvd
SAP BPC MS SQL Injection Vulnerability
2023-01-12 00:00:00
cve
cve
CVE-2023-0016
2023-01-10 04:15:09
CVSS3
9.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS
0.001
Percentile
36.9%
Related for CVELIST:CVE-2023-0016