SAP Supplier Relationship Management -versions 600, 602, 603, 604, 605, 606, 616, 617, allows an unauthorized attacker to discover information relating to SRM within Vendor Master Data for Business Partners replication functionality.This information could be used to allow the attacker to specialize their attacks against SRM.
References
Link | Resource |
---|---|
https://me.sap.com/notes/2067220 | Permissions Required |
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
28 Sep 2024, 22:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-306 | |
Summary | (en) SAP Supplier Relationship Management -versions 600, 602, 603, 604, 605, 606, 616, 617, allows an unauthorized attacker to discover information relating to SRM within Vendor Master Data for Business Partners replication functionality.This information could be used to allow the attacker to specialize their attacks against SRM. |
09 Aug 2023, 18:19
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://me.sap.com/notes/2067220 - Permissions Required | |
References | (MISC) https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html - Vendor Advisory | |
First Time |
Sap supplier Relationship Management
Sap |
|
CPE | cpe:2.3:a:sap:supplier_relationship_management:604:*:*:*:*:*:*:* cpe:2.3:a:sap:supplier_relationship_management:603:*:*:*:*:*:*:* cpe:2.3:a:sap:supplier_relationship_management:605:*:*:*:*:*:*:* cpe:2.3:a:sap:supplier_relationship_management:602:*:*:*:*:*:*:* cpe:2.3:a:sap:supplier_relationship_management:616:*:*:*:*:*:*:* cpe:2.3:a:sap:supplier_relationship_management:606:*:*:*:*:*:*:* cpe:2.3:a:sap:supplier_relationship_management:600:*:*:*:*:*:*:* cpe:2.3:a:sap:supplier_relationship_management:617:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.8 |
08 Aug 2023, 01:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-08 01:15
Updated : 2024-09-28 22:15
NVD link : CVE-2023-39436
Mitre link : CVE-2023-39436
CVE.ORG link : CVE-2023-39436
JSON object : View
Products Affected
sap
- supplier_relationship_management
CWE
CWE-306
Missing Authentication for Critical Function