CVE-2023-33991 - OpenCVE

SAP UI5 Variant Management - versions SAP_UI 750, SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, UI_700 200, does not sufficiently encode user-controlled inputs on reading data from the server, resulting in Stored Cross-Site Scripting (Stored XSS) vulnerability. After successful exploitation, an attacker with user level access can cause high impact on confidentiality, modify some information and can cause unavailability of the application at user level.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact Low

Availability Impact Low

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Sap	Ui

Configuration 1 [-]

OR	cpe:2.3:a:sap:ui:700:::::::*
	cpe:2.3:a:sap:ui:750:::::::*
	cpe:2.3:a:sap:ui:754:::::::*
	cpe:2.3:a:sap:ui:755:::::::*
	cpe:2.3:a:sap:ui:756:::::::*
	cpe:2.3:a:sap:ui:757:::::::*

No data.

References

Link	Providers
https://launchpad.support.sap.com/#/notes/3324285
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: sap

Published: 2023-06-13T02:49:25.778Z

Updated: 2024-08-02T15:54:14.185Z

Reserved: 2023-05-24T20:41:32.834Z

Link: CVE-2023-33991

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-06-13T03:15:09.837

Modified: 2023-06-20T16:48:54.673

Link: CVE-2023-33991

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-33991", "assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "state": "PUBLISHED", "assignerShortName": "sap", "dateReserved": "2023-05-24T20:41:32.834Z", "datePublished": "2023-06-13T02:49:25.778Z", "dateUpdated": "2024-08-02T15:54:14.185Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "SAP UI5 Variant Management", "vendor": "SAP_SE", "versions": [{"status": "affected", "version": "SAP_UI 750"}, {"status": "affected", "version": "SAP_UI 754"}, {"status": "affected", "version": "SAP_UI 755"}, {"status": "affected", "version": "SAP_UI 756"}, {"status": "affected", "version": "SAP_UI 757"}, {"status": "affected", "version": "UI_700 200"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>SAP UI5 Variant Management - versions SAP_UI 750, SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, UI_700 200, does not sufficiently encode user-controlled inputs on reading data from the server, resulting in Stored Cross-Site Scripting (Stored XSS) vulnerability. After successful exploitation, an attacker with user level access can cause high impact on confidentiality, modify some information and can cause unavailability of the application at user level.</p>"}], "value": "SAP UI5 Variant Management - versions SAP_UI 750, SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, UI_700 200, does not sufficiently encode user-controlled inputs on reading data from the server, resulting in Stored Cross-Site Scripting (Stored XSS) vulnerability. After successful exploitation, an attacker with user level access can cause high impact on confidentiality, modify some information and can cause unavailability of the application at user level.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "lang": "eng", "type": "CWE"}]}], "providerMetadata": {"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "shortName": "sap", "dateUpdated": "2023-06-13T02:49:25.778Z"}, "references": [{"url": "https://launchpad.support.sap.com/#/notes/3324285"}, {"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"}], "source": {"discovery": "UNKNOWN"}, "title": "Stored Cross-Site Scripting (Stored XSS) vulnerability in SAP UI5 Variant Management", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T15:54:14.185Z"}, "title": "CVE Program Container", "references": [{"url": "https://launchpad.support.sap.com/#/notes/3324285", "tags": ["x_transferred"]}, {"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sap:ui:700:*:*:*:*:*:*:*", "matchCriteriaId": "E17EB8F7-A4E1-4EA4-A61D-CB08378A9C4F", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:ui:750:*:*:*:*:*:*:*", "matchCriteriaId": "E14EBC22-ED44-4089-8CE8-55D1B43D1911", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:ui:754:*:*:*:*:*:*:*", "matchCriteriaId": "C6018B37-667D-47C4-92B0-8BD028AF50F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:ui:755:*:*:*:*:*:*:*", "matchCriteriaId": "E2EC8C54-BB21-492F-9AC1-2728FA7EA974", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:ui:756:*:*:*:*:*:*:*", "matchCriteriaId": "8F219F8D-7AEB-44E1-B36A-13350AA9143B", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:ui:757:*:*:*:*:*:*:*", "matchCriteriaId": "582F5630-F148-46DF-A556-1BBBFCE000D1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "SAP UI5 Variant Management - versions SAP_UI 750, SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, UI_700 200, does not sufficiently encode user-controlled inputs on reading data from the server, resulting in Stored Cross-Site Scripting (Stored XSS) vulnerability. After successful exploitation, an attacker with user level access can cause high impact on confidentiality, modify some information and can cause unavailability of the application at user level.\n\n"}], "id": "CVE-2023-33991", "lastModified": "2023-06-20T16:48:54.673", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 5.3, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 5.3, "source": "cna@sap.com", "type": "Secondary"}]}, "published": "2023-06-13T03:15:09.837", "references": [{"source": "cna@sap.com", "tags": ["Permissions Required"], "url": "https://launchpad.support.sap.com/#/notes/3324285"}, {"source": "cna@sap.com", "tags": ["Vendor Advisory"], "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"}], "sourceIdentifier": "cna@sap.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "cna@sap.com", "type": "Primary"}]}