CVE-2023-29189

SAP CRM (WebClient UI) - versions S4FND 102, 103, 104, 105, 106, 107, WEBCUIF, 700, 701, 731, 730, 746, 747, 748, 800, 801, allows an authenticated attacker to modify HTTP verbs used in requests to the web server. This application is exposed over the network and successful exploitation can lead to exposure of form fields

Published: Apr 11, 2023
Updated: Apr 19, 2023
CVE: CVE-2023-29189
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.4
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

CWEs:

CWE-23

Affected Software
References

Software	From	Fixed in
sap / customer_relationship_management_webclient_ui	700	700.x
sap / customer_relationship_management_webclient_ui	731	731.x
sap / customer_relationship_management_webclient_ui	730	730.x
sap / customer_relationship_management_webclient_ui	746	746.x
sap / customer_relationship_management_webclient_ui	747	747.x
sap / customer_relationship_management_webclient_ui	748	748.x
sap / customer_relationship_management_webclient_ui	800	800.x
sap / customer_relationship_management_webclient_ui	801	801.x
sap / customer_relationship_management_s4fnd	103	103.x
sap / customer_relationship_management_s4fnd	104	104.x
sap / customer_relationship_management_s4fnd	105	105.x
sap / customer_relationship_management_webclient_ui	701	701.x
sap / customer_relationship_management_s4fnd	102	102.x

Vulnerability Database

290,273

CVE-2023-29189