Medium severity5.3NVD Advisory· Published Nov 14, 2023· Updated Jun 17, 2026
CVE-2023-42480
CVE-2023-42480
Description
The unauthenticated attacker in NetWeaver AS Java Logon application - version 7.50, can brute force the login functionality to identify the legitimate user ids. This will have an impact on confidentiality but there is no other impact on integrity or availability.
Affected products
2- Range: 7.50
- Range: 7.50
Patches
Vulnerability mechanics
References
2- www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.htmlnvdVendor Advisory
- me.sap.com/notes/3366410nvdPermissions Required
News mentions
0No linked articles in our index yet.