CVE-2023-27499 - OpenCVE

SAP GUI for HTML - versions KERNEL 7.22, 7.53, 7.54, 7.77, 7.81, 7.85, 7.89, 7.91, KRNL64UC, 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT does not sufficiently encode user-controlled inputs, resulting in a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could craft a malicious URL and lure the victim to click, the script supplied by the attacker will execute in the victim user's browser. The information from the victim's web browser can either be modified or read and sent to the attacker.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Sap	Netweaver Netweaver Application Server Abap

Configuration 1 [-]

OR	cpe:2.3:a:sap:netweaver:7.22ext:::::::*
	cpe:2.3:a:sap:netweaver_application_server_abap:7.22:::::::*
	cpe:2.3:a:sap:netweaver_application_server_abap:7.53:::::::*
	cpe:2.3:a:sap:netweaver_application_server_abap:7.54:::::::*
	cpe:2.3:a:sap:netweaver_application_server_abap:7.77:::::::*
	cpe:2.3:a:sap:netweaver_application_server_abap:7.81:::::::*
	cpe:2.3:a:sap:netweaver_application_server_abap:7.85:::::::*
	cpe:2.3:a:sap:netweaver_application_server_abap:7.89:::::::*
	cpe:2.3:a:sap:netweaver_application_server_abap:7.91:::::::*
	cpe:2.3:a:sap:netweaver_application_server_abap:krnl64uc:::::::*
	cpe:2.3:a:sap:netweaver_application_server_abap:krnl64uc_7.22:::::::*

No data.

References

Link	Providers
https://launchpad.support.sap.com/#/notes/3275458
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: sap

Published: 2023-04-11T02:48:52.677Z

Updated: 2024-08-02T12:16:35.477Z

Reserved: 2023-03-02T03:37:32.233Z

Link: CVE-2023-27499

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-04-11T03:15:07.547

Modified: 2023-04-18T16:02:19.700

Link: CVE-2023-27499

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-27499", "assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "state": "PUBLISHED", "assignerShortName": "sap", "dateReserved": "2023-03-02T03:37:32.233Z", "datePublished": "2023-04-11T02:48:52.677Z", "dateUpdated": "2024-08-02T12:16:35.477Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "GUI for HTML", "vendor": "SAP_SE", "versions": [{"status": "affected", "version": "KERNEL 7.22"}, {"status": "affected", "version": "KERNEL 7.53"}, {"status": "affected", "version": "KERNEL 7.54"}, {"status": "affected", "version": "KERNEL 7.77"}, {"status": "affected", "version": "KERNEL 7.81"}, {"status": "affected", "version": "KERNEL 7.85"}, {"status": "affected", "version": "KERNEL 7.89"}, {"status": "affected", "version": "KERNEL 7.91"}, {"status": "affected", "version": "KRNL64UC 7.22"}, {"status": "affected", "version": "KRNL64UC 7.22EXT"}, {"status": "affected", "version": "KRNL64UC 7.53"}, {"status": "affected", "version": "KRNL64NUC 7.22"}, {"status": "affected", "version": "KRNL64NUC 7.22EXT"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>SAP GUI for HTML - versions KERNEL 7.22, 7.53, 7.54, 7.77, 7.81, 7.85, 7.89, 7.91, KRNL64UC, 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT does not sufficiently encode user-controlled inputs, resulting in a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could craft a malicious URL and lure the victim to click, the script supplied by the attacker will execute in the victim user's browser. The information from the victim's web browser can either be modified or read and sent to the attacker.</p>"}], "value": "SAP GUI for HTML - versions KERNEL 7.22, 7.53, 7.54, 7.77, 7.81, 7.85, 7.89, 7.91, KRNL64UC, 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT does not sufficiently encode user-controlled inputs, resulting in a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could craft a malicious URL and lure the victim to click, the script supplied by the attacker will execute in the victim user's browser. The information from the victim's web browser can either be modified or read and sent to the attacker.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "lang": "eng", "type": "CWE"}]}], "providerMetadata": {"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "shortName": "sap", "dateUpdated": "2023-05-03T03:20:34.384Z"}, "references": [{"url": "https://launchpad.support.sap.com/#/notes/3275458"}, {"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"}], "source": {"discovery": "UNKNOWN"}, "title": "Cross-Site Scripting (XSS) vulnerability in SAP GUI for HTML", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T12:16:35.477Z"}, "title": "CVE Program Container", "references": [{"url": "https://launchpad.support.sap.com/#/notes/3275458", "tags": ["x_transferred"]}, {"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sap:netweaver:7.22ext:*:*:*:*:*:*:*", "matchCriteriaId": "71AFBCEC-649C-4389-85C2-6C245290E91A", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:7.22:*:*:*:*:*:*:*", "matchCriteriaId": "16B3C589-DF11-459D-8A3F-1A1FD2265022", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:7.53:*:*:*:*:*:*:*", "matchCriteriaId": "9E8CB869-C342-4362-9A4A-298F0B5F4003", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:7.54:*:*:*:*:*:*:*", "matchCriteriaId": "92EBF7BA-BB05-4946-9CA8-E170AB80ECA3", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:7.77:*:*:*:*:*:*:*", "matchCriteriaId": "89E7439E-F4D6-45EA-99FC-C9B34D4D590E", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:7.81:*:*:*:*:*:*:*", "matchCriteriaId": "252DCEF2-8DDF-467F-8869-B69A0A3426F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:7.85:*:*:*:*:*:*:*", "matchCriteriaId": "9BC578BE-2308-491E-9D56-6B45AFF0FCFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:7.89:*:*:*:*:*:*:*", "matchCriteriaId": "4C5C5010-9631-4C70-AD90-A0D16B03BFA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:7.91:*:*:*:*:*:*:*", "matchCriteriaId": "5E1807BC-8549-438A-BF6F-DD15C660CCF5", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:krnl64uc:*:*:*:*:*:*:*", "matchCriteriaId": "4F6FABE8-A600-491F-AF0A-049F5E5C1E16", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:krnl64uc_7.22:*:*:*:*:*:*:*", "matchCriteriaId": "23257C18-B75C-471C-9EAF-1E86DEE845FA", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "SAP GUI for HTML - versions KERNEL 7.22, 7.53, 7.54, 7.77, 7.81, 7.85, 7.89, 7.91, KRNL64UC, 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT does not sufficiently encode user-controlled inputs, resulting in a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could craft a malicious URL and lure the victim to click, the script supplied by the attacker will execute in the victim user's browser. The information from the victim's web browser can either be modified or read and sent to the attacker.\n\n"}], "id": "CVE-2023-27499", "lastModified": "2023-04-18T16:02:19.700", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "cna@sap.com", "type": "Secondary"}]}, "published": "2023-04-11T03:15:07.547", "references": [{"source": "cna@sap.com", "tags": ["Permissions Required"], "url": "https://launchpad.support.sap.com/#/notes/3275458"}, {"source": "cna@sap.com", "tags": ["Vendor Advisory"], "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"}], "sourceIdentifier": "cna@sap.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "cna@sap.com", "type": "Secondary"}]}