Vulnerability Description
SAP NetWeaver ABAP Server and ABAP Platform - versions SAP_BASIS 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, KERNEL 7.22, 7.53, 7.77, 7.81, 7.85, 7.89, KRNL64UC 7.22, 7.22EXT, 7.53, KRNL64NUC 7.22, 7.22EXT, creates information about system identity in an ambiguous format. This could lead to capture-replay vulnerability and may be exploited by malicious users to obtain illegitimate access to the system.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sap | Netweaver Application Server Abap | 700 |
| Sap | Netweaver Application Server Abap Kernel | 7.22 |
| Sap | Netweaver Application Server Abap Krnl64Nuc | 7.22 |
| Sap | Netweaver Application Server Abap Krnl64Uc | 7.22 |
Related Weaknesses (CWE)
References
- https://launchpad.support.sap.com/#/notes/3089413Permissions RequiredVendor Advisory
- https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.htmlVendor Advisory
- https://launchpad.support.sap.com/#/notes/3089413Permissions RequiredVendor Advisory
- https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.htmlVendor Advisory
FAQ
What is CVE-2023-0014?
CVE-2023-0014 is a vulnerability with a CVSS score of 9.0 (CRITICAL). SAP NetWeaver ABAP Server and ABAP Platform - versions SAP_BASIS 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, KERNEL 7.22, 7.53, 7.77, 7.81, 7.85, 7.89, KRNL64UC 7.2...
How severe is CVE-2023-0014?
CVE-2023-0014 has been rated CRITICAL with a CVSS base score of 9.0/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-0014?
Check the references section above for vendor advisories and patch information. Affected products include: Sap Netweaver Application Server Abap, Sap Netweaver Application Server Abap Kernel, Sap Netweaver Application Server Abap Krnl64Nuc, Sap Netweaver Application Server Abap Krnl64Uc.