CVE-2023-23855
First published: Tue Feb 14 2023(Updated: )
SAP Solution Manager - version 720, allows an authenticated attacker to redirect users to a malicious site due to insufficient URL validation. A successful attack could lead an attacker to read or modify the information or expose the user to a phishing attack. As a result, it has a low impact to confidentiality, integrity and availability.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP Solution Manager | =720 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this SAP Solution Manager issue?
The vulnerability ID for this SAP Solution Manager issue is CVE-2023-23855.
What is the severity rating of CVE-2023-23855?
CVE-2023-23855 has a severity rating of medium.
What is the impact of CVE-2023-23855?
CVE-2023-23855 can allow an authenticated attacker to redirect users to a malicious site, potentially leading to unauthorized information access, modification, or phishing attacks.
What version of SAP Solution Manager is affected by CVE-2023-23855?
SAP Solution Manager version 720 is affected by CVE-2023-23855.
Are there any references available for CVE-2023-23855?
Yes, you can find references for CVE-2023-23855 at these links: [Reference 1](https://launchpad.support.sap.com/#/notes/3270509), [Reference 2](https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html).
- collector/nvd-index
- agent/author
- agent/references
- agent/severity
- agent/weakness
- agent/type
- agent/event
- agent/last-modified-date
- agent/tags
- agent/first-publish-date
- agent/description
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- vendor/sap
- canonical/sap solution manager
- version/sap solution manager/720