CVE-2023-32113 - Vulnerability Details - OpenCVE

SAP GUI for Windows - version 7.70, 8.0, allows an unauthorized attacker to gain NTLM authentication information of a victim by tricking it into clicking a prepared shortcut file. Depending on the authorizations of the victim, the attacker can read and modify potentially sensitive information after successful exploitation.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Sap	Gui For Windows

Configuration 1 [-]

OR	cpe:2.3:a:sap:gui_for_windows::::::::
	cpe:2.3:a:sap:gui_for_windows:7.70:-::::::
	cpe:2.3:a:sap:gui_for_windows:7.70:patch_level1::::::
	cpe:2.3:a:sap:gui_for_windows:7.70:patch_level10::::::
	cpe:2.3:a:sap:gui_for_windows:7.70:patch_level11::::::
	cpe:2.3:a:sap:gui_for_windows:7.70:patch_level2::::::
	cpe:2.3:a:sap:gui_for_windows:7.70:patch_level3::::::
	cpe:2.3:a:sap:gui_for_windows:7.70:patch_level4::::::
	cpe:2.3:a:sap:gui_for_windows:7.70:patch_level5::::::
	cpe:2.3:a:sap:gui_for_windows:7.70:patch_level6::::::
	cpe:2.3:a:sap:gui_for_windows:7.70:patch_level7::::::
	cpe:2.3:a:sap:gui_for_windows:7.70:patch_level8::::::
	cpe:2.3:a:sap:gui_for_windows:7.70:patch_level9::::::
	cpe:2.3:a:sap:gui_for_windows:8.0:-::::::
	cpe:2.3:a:sap:gui_for_windows:8.0:patch_level1::::::

No data.

References

Link	Providers
https://launchpad.support.sap.com/#/notes/3320467
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

History

Tue, 28 Jan 2025 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: sap

Published: 2023-05-09T01:41:52.722Z

Updated: 2025-01-28T19:03:43.194Z

Reserved: 2023-05-03T14:48:13.764Z

Link: CVE-2023-32113

Vulnrichment

Updated: 2024-08-02T15:03:28.857Z

NVD

Status : Modified

Published: 2023-05-09T02:15:12.873

Modified: 2024-11-21T08:02:44.100

Link: CVE-2023-32113

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-32113", "assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "state": "PUBLISHED", "assignerShortName": "sap", "dateReserved": "2023-05-03T14:48:13.764Z", "datePublished": "2023-05-09T01:41:52.722Z", "dateUpdated": "2025-01-28T19:03:43.194Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "SAP GUI for Windows", "vendor": "SAP_SE", "versions": [{"status": "affected", "version": "<= 7.70"}, {"lessThanOrEqual": "7.70 PL11", "status": "affected", "version": "7.70 PL0", "versionType": "custom"}, {"lessThanOrEqual": "8.00 PL1", "status": "affected", "version": "8.00 PL0", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>SAP GUI for Windows - version 7.70, 8.0, allows an unauthorized attacker to gain NTLM authentication information of a victim by tricking it into clicking a prepared shortcut file. Depending on the authorizations of the victim, the attacker can read and modify potentially sensitive information after successful exploitation.</p>"}], "value": "SAP GUI for Windows - version 7.70, 8.0, allows an unauthorized attacker to gain NTLM authentication information of a victim by tricking it into clicking a prepared shortcut file. Depending on the authorizations of the victim, the attacker can read and modify potentially sensitive information after successful exploitation.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "lang": "eng", "type": "CWE"}]}], "providerMetadata": {"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "shortName": "sap", "dateUpdated": "2024-03-12T21:51:09.272Z"}, "references": [{"url": "https://launchpad.support.sap.com/#/notes/3320467"}, {"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"}], "source": {"discovery": "UNKNOWN"}, "title": "Information Disclosure vulnerability in SAP GUI for Windows", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T15:03:28.857Z"}, "title": "CVE Program Container", "references": [{"url": "https://launchpad.support.sap.com/#/notes/3320467", "tags": ["x_transferred"]}, {"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-01-28T19:03:31.530001Z", "id": "CVE-2023-32113", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-28T19:03:43.194Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://launchpad.support.sap.com/#/notes/3320467", "tags": ["x_transferred"]}, {"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T15:03:28.857Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-32113", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-01-28T19:03:31.530001Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-28T19:03:36.797Z"}}], "cna": {"title": "Information Disclosure vulnerability in SAP GUI for Windows", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "SAP_SE", "product": "SAP GUI for Windows", "versions": [{"status": "affected", "version": "<= 7.70"}, {"status": "affected", "version": "7.70 PL0", "versionType": "custom", "lessThanOrEqual": "7.70 PL11"}, {"status": "affected", "version": "8.00 PL0", "versionType": "custom", "lessThanOrEqual": "8.00 PL1"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://launchpad.support.sap.com/#/notes/3320467"}, {"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "SAP GUI for Windows - version 7.70, 8.0, allows an unauthorized attacker to gain NTLM authentication information of a victim by tricking it into clicking a prepared shortcut file. Depending on the authorizations of the victim, the attacker can read and modify potentially sensitive information after successful exploitation.\n\n", "supportingMedia": [{"type": "text/html", "value": "<p>SAP GUI for Windows - version 7.70, 8.0, allows an unauthorized attacker to gain NTLM authentication information of a victim by tricking it into clicking a prepared shortcut file. Depending on the authorizations of the victim, the attacker can read and modify potentially sensitive information after successful exploitation.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "eng", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"}]}], "providerMetadata": {"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "shortName": "sap", "dateUpdated": "2024-03-12T21:51:09.272Z"}}}, "cveMetadata": {"cveId": "CVE-2023-32113", "state": "PUBLISHED", "dateUpdated": "2025-01-28T19:03:43.194Z", "dateReserved": "2023-05-03T14:48:13.764Z", "assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "datePublished": "2023-05-09T01:41:52.722Z", "assignerShortName": "sap"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sap:gui_for_windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "44424F57-EDAC-42EE-8C29-F9AA09301A46", "versionEndExcluding": "7.70", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:gui_for_windows:7.70:-:*:*:*:*:*:*", "matchCriteriaId": "FE1286F1-B9A5-4F25-B083-272943D90023", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:gui_for_windows:7.70:patch_level1:*:*:*:*:*:*", "matchCriteriaId": "FF605CA1-E860-4185-A358-FE967E0DE408", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:gui_for_windows:7.70:patch_level10:*:*:*:*:*:*", "matchCriteriaId": "5D569EBA-CE95-436E-BB48-D2EF55DD9D30", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:gui_for_windows:7.70:patch_level11:*:*:*:*:*:*", "matchCriteriaId": "A81A5609-2ADD-4714-8783-27BC417346D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:gui_for_windows:7.70:patch_level2:*:*:*:*:*:*", "matchCriteriaId": "181183AC-5621-4895-82E1-E91D9DCAB69A", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:gui_for_windows:7.70:patch_level3:*:*:*:*:*:*", "matchCriteriaId": "DD057E0A-C836-46ED-ACB3-1C80CECACD60", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:gui_for_windows:7.70:patch_level4:*:*:*:*:*:*", "matchCriteriaId": "2AEA7D81-E487-4B85-81FF-338E2C48D282", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:gui_for_windows:7.70:patch_level5:*:*:*:*:*:*", "matchCriteriaId": "4114FB5F-DE93-4C1F-80E2-08ADC51BC2B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:gui_for_windows:7.70:patch_level6:*:*:*:*:*:*", "matchCriteriaId": "F65D7775-75DC-4F88-AC76-C4EEC59A2DE4", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:gui_for_windows:7.70:patch_level7:*:*:*:*:*:*", "matchCriteriaId": "02EC1177-F290-4488-B365-F107A7CBBA09", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:gui_for_windows:7.70:patch_level8:*:*:*:*:*:*", "matchCriteriaId": "532B87F7-19BF-4956-A0A6-4F76755EF1F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:gui_for_windows:7.70:patch_level9:*:*:*:*:*:*", "matchCriteriaId": "662D074A-F79A-4936-925E-54C7DDC45BB4", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:gui_for_windows:8.0:-:*:*:*:*:*:*", "matchCriteriaId": "A69E51CD-C3D1-4B66-94AA-45B2A848912C", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:gui_for_windows:8.0:patch_level1:*:*:*:*:*:*", "matchCriteriaId": "6E736149-FB18-47E7-B6DA-6459D4AC235D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "SAP GUI for Windows - version 7.70, 8.0, allows an unauthorized attacker to gain NTLM authentication information of a victim by tricking it into clicking a prepared shortcut file. Depending on the authorizations of the victim, the attacker can read and modify potentially sensitive information after successful exploitation.\n\n"}], "id": "CVE-2023-32113", "lastModified": "2024-11-21T08:02:44.100", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.8, "source": "cna@sap.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.8, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-05-09T02:15:12.873", "references": [{"source": "cna@sap.com", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://launchpad.support.sap.com/#/notes/3320467"}, {"source": "cna@sap.com", "tags": ["Vendor Advisory"], "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://launchpad.support.sap.com/#/notes/3320467"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"}], "sourceIdentifier": "cna@sap.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "cna@sap.com", "type": "Secondary"}]}