2.7
CVE-2024-44114
- EPSS 0.07%
- Veröffentlicht 10.09.2024 03:15:03
- Zuletzt bearbeitet 16.09.2024 14:09:10
- Quelle cna@sap.com
- Teams Watchlist Login
- Unerledigt Login
SAP NetWeaver Application Server for ABAP and ABAP Platform allow users with high privileges to execute a program that reveals data over the network. This results in a minimal impact on confidentiality of the application.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SAP ≫ Netweaver Application Server Abap Version702
SAP ≫ Netweaver Application Server Abap Version731
SAP ≫ Netweaver Application Server Abap Version740
SAP ≫ Netweaver Application Server Abap Version750
SAP ≫ Netweaver Application Server Abap Version751
SAP ≫ Netweaver Application Server Abap Version752
SAP ≫ Netweaver Application Server Abap Version753
SAP ≫ Netweaver Application Server Abap Version754
SAP ≫ Netweaver Application Server Abap Version755
SAP ≫ Netweaver Application Server Abap Version756
SAP ≫ Netweaver Application Server Abap Version757
SAP ≫ Netweaver Application Server Abap Version758
SAP ≫ Netweaver Application Server Abap Version912
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.228 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.7 | 1.2 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
|
| cna@sap.com | 2 | 0.5 | 1.4 |
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N
|
CWE-863 Incorrect Authorization
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.