Security Advisory

CVE-2023-37491

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-08-08 00:46:40

Last updated 2024-10-22 19:40:56

Assigner sap

State PUBLISHED

Description

The ACL (Access Control List) of SAP Message Server - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, RNL64UC 7.22, RNL64UC 7.22EXT, RNL64UC 7.53, KRNL64NUC 7.22, KRNL64NUC 7.22EXT, can be bypassed in certain conditions, which may enable an authenticated malicious user to enter the network of the SAP systems served by the attacked SAP Message server. This may lead to unauthorized read and write of data as well as rendering the system unavailable.

← Browse all CVEs View on cve.org ↗