CVE-2023-29111: Infoleak
First published: Tue Apr 11 2023(Updated: )
The SAP AIF (ODATA service) - versions 755, 756, discloses more detailed information than is required. An authorized attacker can use the collected information possibly to exploit the component. As a result, an attacker can cause a low impact on the confidentiality of the application.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP Application Interface Framework | =755 | |
| SAP Application Interface Framework | =756 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2023-29111.
What is the title of the vulnerability?
The title of the vulnerability is 'The SAP AIF (ODATA service) - versions 755 756 discloses more detailed information than is required.'
What is the severity of CVE-2023-29111?
The severity of CVE-2023-29111 is medium with a severity value of 4.3.
How does CVE-2023-29111 affect SAP Application Interface Framework?
CVE-2023-29111 affects SAP Application Interface Framework versions 755 and 756.
How can an attacker exploit CVE-2023-29111?
An authorized attacker can use the collected information from CVE-2023-29111 to possibly exploit the SAP AIF (ODATA service) component.
- collector/nvd-index
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/references
- agent/weakness
- agent/tags
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- vendor/sap
- canonical/sap application interface framework
- version/sap application interface framework/755
- version/sap application interface framework/756