CVE-2023-29108
First published: Tue Apr 11 2023(Updated: )
The IP filter in ABAP Platform and SAP Web Dispatcher - versions WEBDISP 7.85, 7.89, KERNEL 7.85, 7.89, 7.91, may be vulnerable by erroneous IP netmask handling. This may enable access to backend applications from unwanted sources.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP ABAP Platform Kernel | =7.85 | |
| SAP ABAP Platform Kernel | =7.89 | |
| SAP ABAP Platform Kernel | =7.91 | |
| SAP Web Dispatcher | =7.85 | |
| SAP Web Dispatcher | =7.89 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2023-29108.
What is the severity of CVE-2023-29108?
The severity of CVE-2023-29108 is medium with a severity value of 5.3.
Which software versions are affected by CVE-2023-29108?
The ABAP Platform versions WEBDISP 7.85, 7.89, KERNEL 7.85, 7.89, 7.91, and SAP Web Dispatcher versions 7.85, 7.89 are affected by CVE-2023-29108.
What is the impact of CVE-2023-29108?
CVE-2023-29108 may enable access to backend applications from unwanted sources.
How can I fix CVE-2023-29108?
To fix CVE-2023-29108, apply the necessary patches and updates provided by SAP.
- collector/nvd-index
- vendor/sap
- canonical/sap abap platform kernel
- version/sap abap platform kernel/7.85
- version/sap abap platform kernel/7.89
- version/sap abap platform kernel/7.91
- canonical/sap web dispatcher
- version/sap web dispatcher/7.85
- version/sap web dispatcher/7.89