← Back

CVE-2023-32113

nvd nist
Published: May 9, 2023Modified: Nov 21, 2024

JSON object

Loading...
9.3
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
Exploitability: 2.8 / Impact: 5.8
Source: NVD

Description

SAP GUI for Windows - version 7.70, 8.0, allows an unauthorized attacker to gain NTLM authentication information of a victim by tricking it into clicking a prepared shortcut file. Depending on the authorizations of the victim, the attacker can read and modify potentially sensitive information after successful exploitation.

Affected (15)

Products: Sap: Gui For Windows
Sap
1 product
Gui For Windows
Configuration A
15 vulnerable
Vulnerable SoftwareAffected Versions
Sap
Gui For Windows
Before 7.70
Gui For Windows
Version 7.70
Gui For Windows
Version 7.70 patch_level10
Gui For Windows
Version 7.70 patch_level11
Gui For Windows
Version 7.70 patch_level1
Gui For Windows
Version 7.70 patch_level2
Gui For Windows
Version 7.70 patch_level3
Gui For Windows
Version 7.70 patch_level4
Gui For Windows
Version 7.70 patch_level5
Gui For Windows
Version 7.70 patch_level6
Gui For Windows
Version 7.70 patch_level7
Gui For Windows
Version 7.70 patch_level8
Gui For Windows
Version 7.70 patch_level9
Gui For Windows
Version 8.0
Gui For Windows
Version 8.0 patch_level1

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

Source: cna@sap.com
Permissions RequiredVendor Advisory
Source: cna@sap.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Permissions RequiredVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.