CVE-2023-35874 Information

Description

SAP NetWeaver Application Server ABAP and ABAP Platform - version KRNL64NUC 7.22 KRNL64NUC 7.22EXT KRNL64UC 7.22 KRNL64UC 7.22EXT KRNL64UC 7.53 KERNEL 7.22 KERNEL 7.53 KERNEL 7.77 KERNEL 7.81 KERNEL 7.85 KERNEL 7.89 KERNEL 7.54 KERNEL 7.92 KERNEL 7.93 under some conditions performs improper authentication checks for functionalities that require user identity. An attacker can perform malicious actions over the network extending the scope of impact causing a limited impact on confidentiality integrity and availability.

Reference

https://me.sap.com/notes/3318850 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html