CVE-2023-39436
Last modified
CVE-2023-39436 is a medium-severity vulnerability rated 5.8/10 on the CVSS scale. SAP Supplier Relationship Management -versions 600, 602, 603, 604, 605, 606, 616, 617, allows an unauthorized attacker to discover information relating to SRM within Vendor Master Data for Business Partners replication functionality.This information could be used to allow the attacker to specialize their attacks against SRM.. EPSS estimates a 0.37% chance of exploitation in the next 30 days.
Description
SAP Supplier Relationship Management -versions 600, 602, 603, 604, 605, 606, 616, 617, allows an unauthorized attacker to discover information relating to SRM within Vendor Master Data for Business Partners replication functionality.This information could be used to allow the attacker to specialize their attacks against SRM.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Sap | Supplier Relationship Management | 600 |
| Sap | Supplier Relationship Management | 602 |
| Sap | Supplier Relationship Management | 603 |
| Sap | Supplier Relationship Management | 604 |
| Sap | Supplier Relationship Management | 605 |
| Sap | Supplier Relationship Management | 606 |
| Sap | Supplier Relationship Management | 616 |
| Sap | Supplier Relationship Management | 617 |
References
- https://me.sap.com/notes/2067220Permissions Required
- https://me.sap.com/notes/2067220Permissions Required
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2023-39436?
How severe is CVE-2023-39436?
How do I fix CVE-2023-39436?
Are you affected by CVE-2023-39436?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST