CVE-2023-50424

Summary

SAP BTP Security Services Integration Library ([Golang] github.com/sap/cloud-security-client-go) - versions < 0.17.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application.

Affected Software

VendorProductVersion RangeStatus
SAP_SEgithub.com/sap/cloud-security-client-go< 0.17.0affected

Weaknesses

  • CWE-749: CWE-749: Exposed Dangerous Method or Function

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References