cvedb.io
CVE-2023-24521
MEDIUM · CVSS 6.1
EPSS exploitation probability: 0%
Published 2023-02-14T04:15:12.317 · Last modified 2026-06-17T05:39:27.090

Summary

Due to insufficient input sanitization, SAP NetWeaver AS ABAP (BSP Framework) - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an unauthenticated user to alter the current session of the user by injecting the malicious code over the network and gain access to the unintended data. This may lead to a limited impact on the confidentiality and the integrity of the application.

Affected products

sap — netweaver_as_abap_business_server_pages

Does this affect you?

Add your gear to cvedb and we'll alert you only when sap ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.