CVE-2023-32113

CRITICAL Year: 2023
CVSS v3 Score
9.3
Critical
Weakness Type
CWE-200
View all →

Vulnerability Description

SAP GUI for Windows - version 7.70, 8.0, allows an unauthorized attacker to gain NTLM authentication information of a victim by tricking it into clicking a prepared shortcut file. Depending on the authorizations of the victim, the attacker can read and modify potentially sensitive information after successful exploitation.

Related Vulnerabilities

CVE-2013-6014

CRITICAL
CVSS:9.3(Critical)

Juniper Junos 10.4 before 10.4S15, 11.4 before 11.4R9, 11.4X27 before 11.4X27.44, 12.1 before 12.1R7, 12.1X44 before 12.1X44-D20, 12.1X45 before 12.1X45-D15, 12.2 before 12.2R6, 12.3 before 12.3R3, 13...

CWE-2002013

CVE-2021-22272

CRITICAL
CVSS:9.4(Critical)

The vulnerability origins in the commissioning process where an attacker of the ControlTouch can enter a serial number in a specific way to transfer the device virtually into her/his my.busch-jaeger.d...

CWE-2002021

CVE-2010-2783

CRITICAL
CVSS:9.1(Critical)

IcedTea6 before 1.7.4 allow unsigned apps to read and write arbitrary files, related to Extended JNLP Services.

CWE-2002010

CVE-2015-2254

CRITICAL
CVSS:9.1(Critical)

Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to capture and change patch loading information resulting in the deletion of directory files and compro...

CWE-2002015

CVE-2015-5041

CRITICAL
CVSS:9.1(Critical)

The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to obtain sensitive information or inject d...

CWE-2002015

CVE-2016-0903

CRITICAL
CVSS:9.1(Critical)

Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 rely on client-side authentication, which allows remote attackers to spoof clients and read backup data v...

CWE-2002016