CVE-2023-50422

SAP BTP Security Services Integration Library ([Java] cloud-security-services-integration-library) - versions below 2.17.0 and versions from 3.0.0 to before 3.3.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://blogs.sap.com/2023/12/12/unveiling-critical-security-updates-sap-btp-security-note-3411067/	Vendor Advisory
https://github.com/SAP/cloud-security-services-integration-library/	Product
https://github.com/SAP/cloud-security-services-integration-library/security/advisories/GHSA-59c9-pxq8-9c73	Vendor Advisory
https://me.sap.com/notes/3411067	Permissions Required
https://me.sap.com/notes/3413475
https://mvnrepository.com/artifact/com.sap.cloud.security.xsuaa/spring-xsuaa	Product
https://mvnrepository.com/artifact/com.sap.cloud.security/java-security	Product
https://mvnrepository.com/artifact/com.sap.cloud.security/spring-security	Product
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:sap:cloud-security-services-integration-library::::::java::*
	cpe:2.3:a:sap:cloud-security-services-integration-library::::::java::*

History

No history.

Information

Published : 2023-12-12 02:15

Updated : 2024-01-09 02:15

NVD link : CVE-2023-50422

Mitre link : CVE-2023-50422

CVE.ORG link : CVE-2023-50422

JSON object : View

Products Affected

sap

cloud-security-services-integration-library

CWE

CWE-269

Improper Privilege Management

{"id": "CVE-2023-50422", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "cna@sap.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 3.9}]}, "published": "2023-12-12T02:15:08.587", "references": [{"url": "https://blogs.sap.com/2023/12/12/unveiling-critical-security-updates-sap-btp-security-note-3411067/", "tags": ["Vendor Advisory"], "source": "cna@sap.com"}, {"url": "https://github.com/SAP/cloud-security-services-integration-library/", "tags": ["Product"], "source": "cna@sap.com"}, {"url": "https://github.com/SAP/cloud-security-services-integration-library/security/advisories/GHSA-59c9-pxq8-9c73", "tags": ["Vendor Advisory"], "source": "cna@sap.com"}, {"url": "https://me.sap.com/notes/3411067", "tags": ["Permissions Required"], "source": "cna@sap.com"}, {"url": "https://me.sap.com/notes/3413475", "source": "cna@sap.com"}, {"url": "https://mvnrepository.com/artifact/com.sap.cloud.security.xsuaa/spring-xsuaa", "tags": ["Product"], "source": "cna@sap.com"}, {"url": "https://mvnrepository.com/artifact/com.sap.cloud.security/java-security", "tags": ["Product"], "source": "cna@sap.com"}, {"url": "https://mvnrepository.com/artifact/com.sap.cloud.security/spring-security", "tags": ["Product"], "source": "cna@sap.com"}, {"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", "tags": ["Vendor Advisory"], "source": "cna@sap.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "cna@sap.com", "description": [{"lang": "en", "value": "CWE-269"}]}], "descriptions": [{"lang": "en", "value": "SAP\u00a0BTP\u00a0Security Services Integration Library ([Java] cloud-security-services-integration-library) -\u00a0versions below 2.17.0 and versions from 3.0.0 to before 3.3.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application.\n\n"}, {"lang": "es", "value": "SAP BTP Security Services Integration Library ([Java] cloud-security-services-integration-library): las versiones inferiores a 2.17.0 y las versiones desde 3.0.0 hasta anteriores a 3.3.0 permiten, bajo ciertas condiciones, una escalada de privilegios. Si la explotaci\u00f3n tiene \u00e9xito, un atacante no autenticado puede obtener permisos arbitrarios dentro de la aplicaci\u00f3n."}], "lastModified": "2024-01-09T02:15:45.420", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sap:cloud-security-services-integration-library:*:*:*:*:*:java:*:*", "vulnerable": true, "matchCriteriaId": "EA00D38E-621A-4114-8F4F-F0AA3C41E88F", "versionEndExcluding": "2.17.0"}, {"criteria": "cpe:2.3:a:sap:cloud-security-services-integration-library:*:*:*:*:*:java:*:*", "vulnerable": true, "matchCriteriaId": "4C7EE7BE-CA31-4B97-B455-41F66AEE85E9", "versionEndExcluding": "3.3.0", "versionStartIncluding": "3.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "cna@sap.com"}