CVE-2023-49578

Summary

SAP Cloud Connector - version 2.0, allows an authenticated user with low privilege to perform Denial of service attack from adjacent UI by sending a malicious request which leads to low impact on the availability and no impact on confidentiality or Integrity  of the application.

Affected Software

VendorProductVersion RangeStatus
SAP_SESAP Cloud Connector2.0affected

Weaknesses

  • CWE-732: CWE-732: Incorrect Permission Assignment for Critical Resource

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References