CVE-2023-33991

SAP UI5 Variant Management - versions SAP_UI 750, SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, UI_700 200, does not sufficiently encode user-controlled inputs on reading data from the server, resulting in Stored Cross-Site Scripting (Stored XSS) vulnerability. After successful exploitation, an attacker with user level access can cause high impact on confidentiality, modify some information and can cause unavailability of the application at user level.

CVSS v3 8.2 HIGH

8.2^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.3 / Impact : 5.3

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact LOW

Availability Impact LOW

Scope CHANGED

References

Link	Resource
https://launchpad.support.sap.com/#/notes/3324285	Permissions Required
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:sap:ui:700:::::::*
	cpe:2.3:a:sap:ui:750:::::::*
	cpe:2.3:a:sap:ui:754:::::::*
	cpe:2.3:a:sap:ui:755:::::::*
	cpe:2.3:a:sap:ui:756:::::::*
	cpe:2.3:a:sap:ui:757:::::::*

History

20 Jun 2023, 16:48

Type	Values Removed	Values Added
CPE		cpe:2.3:a:sap:ui:700:::::::* cpe:2.3:a:sap:ui:750:::::::* cpe:2.3:a:sap:ui:756:::::::* cpe:2.3:a:sap:ui:755:::::::* cpe:2.3:a:sap:ui:757:::::::* cpe:2.3:a:sap:ui:754:::::::*
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 8.2
First Time		Sap Sap ui
References	~~(MISC) https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html -~~	(MISC) https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html - Vendor Advisory
References	~~(MISC) https://launchpad.support.sap.com/#/notes/3324285 -~~	(MISC) https://launchpad.support.sap.com/#/notes/3324285 - Permissions Required

13 Jun 2023, 03:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-06-13 03:15

Updated : 2023-12-10 15:01

NVD link : CVE-2023-33991

Mitre link : CVE-2023-33991

CVE.ORG link : CVE-2023-33991

JSON object : View

Products Affected

sap

ui

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2023-33991", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.3, "exploitabilityScore": 2.3}, {"type": "Secondary", "source": "cna@sap.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.3, "exploitabilityScore": 2.3}]}, "published": "2023-06-13T03:15:09.837", "references": [{"url": "https://launchpad.support.sap.com/#/notes/3324285", "tags": ["Permissions Required"], "source": "cna@sap.com"}, {"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", "tags": ["Vendor Advisory"], "source": "cna@sap.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "cna@sap.com", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "SAP UI5 Variant Management - versions SAP_UI 750, SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, UI_700 200, does not sufficiently encode user-controlled inputs on reading data from the server, resulting in Stored Cross-Site Scripting (Stored XSS) vulnerability. After successful exploitation, an attacker with user level access can cause high impact on confidentiality, modify some information and can cause unavailability of the application at user level.\n\n"}], "lastModified": "2023-06-20T16:48:54.673", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sap:ui:700:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E17EB8F7-A4E1-4EA4-A61D-CB08378A9C4F"}, {"criteria": "cpe:2.3:a:sap:ui:750:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E14EBC22-ED44-4089-8CE8-55D1B43D1911"}, {"criteria": "cpe:2.3:a:sap:ui:754:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6018B37-667D-47C4-92B0-8BD028AF50F4"}, {"criteria": "cpe:2.3:a:sap:ui:755:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2EC8C54-BB21-492F-9AC1-2728FA7EA974"}, {"criteria": "cpe:2.3:a:sap:ui:756:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F219F8D-7AEB-44E1-B36A-13350AA9143B"}, {"criteria": "cpe:2.3:a:sap:ui:757:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "582F5630-F148-46DF-A556-1BBBFCE000D1"}], "operator": "OR"}]}], "sourceIdentifier": "cna@sap.com"}