First published: Tue Jun 13 2023(Updated: )
An attacker can exploit MDS COMPARE TOOL and use specially crafted inputs to read and modify database commands, resulting in the retrieval of additional information persisted by the system.
Credit: cna@sap.com
Affected Software | Affected Version | How to fix |
---|---|---|
SAP Master Data Synchronization | =600 | |
SAP Master Data Synchronization | =602 | |
SAP Master Data Synchronization | =603 | |
SAP Master Data Synchronization | =604 | |
SAP Master Data Synchronization | =605 | |
SAP Master Data Synchronization | =606 | |
SAP Master Data Synchronization | =616 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-32115 is classified as a critical vulnerability due to its potential impact on database integrity and confidentiality.
To fix CVE-2023-32115, update to the latest version of SAP Master Data Synchronization that addresses this vulnerability.
CVE-2023-32115 affects SAP Master Data Synchronization versions 600, 602, 603, 604, 605, 606, and 616.
CVE-2023-32115 can be exploited through specially crafted inputs that allow an attacker to read and modify database commands.
The potential impact of CVE-2023-32115 includes unauthorized information retrieval and modification within the affected database.