SAP Supplier Relationship Management -versions 600, 602, 603, 604, 605, 606, 616, 617, allows an unauthorized attacker to discover information relating to SRM within Vendor Master Data for Business Partners replication functionality.This information could be used to allow the attacker to specialize their attacks against SRM.
References
Link | Resource |
---|---|
https://me.sap.com/notes/2067220 | Permissions Required |
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
09 Aug 2023, 18:19
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:sap:supplier_relationship_management:605:*:*:*:*:*:*:* cpe:2.3:a:sap:supplier_relationship_management:617:*:*:*:*:*:*:* cpe:2.3:a:sap:supplier_relationship_management:603:*:*:*:*:*:*:* cpe:2.3:a:sap:supplier_relationship_management:606:*:*:*:*:*:*:* cpe:2.3:a:sap:supplier_relationship_management:616:*:*:*:*:*:*:* cpe:2.3:a:sap:supplier_relationship_management:600:*:*:*:*:*:*:* cpe:2.3:a:sap:supplier_relationship_management:604:*:*:*:*:*:*:* cpe:2.3:a:sap:supplier_relationship_management:602:*:*:*:*:*:*:* |
|
First Time |
Sap supplier Relationship Management
Sap |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.8 |
References | (MISC) https://me.sap.com/notes/2067220 - Permissions Required | |
References | (MISC) https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html - Vendor Advisory |
08 Aug 2023, 01:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-08 01:15
Updated : 2023-12-10 15:14
NVD link : CVE-2023-39436
Mitre link : CVE-2023-39436
CVE.ORG link : CVE-2023-39436
JSON object : View
Products Affected
sap
- supplier_relationship_management
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor