Medium severity6.8NVD Advisory· Published Mar 14, 2023· Updated Jun 17, 2026
CVE-2023-26461
CVE-2023-26461
Description
SAP NetWeaver allows (SAP Enterprise Portal) - version 7.50, allows an authenticated attacker with sufficient privileges to access the XML parser which can submit a crafted XML file which when parsed will enable them to access but not modify sensitive files and data. It allows the attacker to view sensitive data which is owned by certain privileges.
Affected products
3- Range: = 7.50
- Range: 7.50
Patches
Vulnerability mechanics
References
2- www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.htmlnvdVendor Advisory
- launchpad.support.sap.comnvdPermissions Required
News mentions
0No linked articles in our index yet.