CVE-2023-23859: 
SAP NetWeaver Application Server ABAP vulnerability analysis and mitigation

SAP NetWeaver AS for ABAP and ABAP Platform versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, and 790 are affected by a security vulnerability that allows an unauthenticated attacker to craft a malicious link which, when clicked by an unsuspecting user, can be used to read or modify sensitive information (NVD, CVE).

The vulnerability has been assigned a CVSS v3.1 Base Score of 6.1 (Medium) with the following vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N. This indicates that the vulnerability can be exploited over the network, requires low attack complexity, needs no privileges, but does require user interaction. The scope is changed, with low impacts on both confidentiality and integrity, and no impact on availability (NVD).

When successfully exploited, this vulnerability allows attackers to read or modify sensitive information within the scope of the victim's browser. The attack requires user interaction in the form of clicking a malicious link, and can potentially lead to unauthorized access to sensitive data (NVD).

SAP has released security patches to address this vulnerability. Users are advised to refer to SAP Security Note 3268959 for detailed mitigation instructions (SAP Note).