Unauthenticated Access and Modification of SAP NetWeaver Enterprise Portal Settings and Data
CVE-2023-28761 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
In SAP NetWeaver Enterprise Portal - version 7.50, an unauthenticated attacker can attach to an open interface and make use of an open API to access a service which will enable them to access or modify server settings and data, leading to limited impact on confidentiality and integrity.
Learn more about our Cis Benchmark Audit For Server Software.