CVE-2024-21735

SAP LT Replication Server - version S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107, S4CORE 108, does not perform necessary authorization checks. This could allow an attacker with high privileges to perform unintended actions, resulting in escalation of privileges, which has High impact on confidentiality, integrity and availability of the system.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sap:lt_replication_server:s4core_103:*:*:*:*:*:*:*
cpe:2.3:a:sap:lt_replication_server:s4core_104:*:*:*:*:*:*:*
cpe:2.3:a:sap:lt_replication_server:s4core_105:*:*:*:*:*:*:*
cpe:2.3:a:sap:lt_replication_server:s4core_106:*:*:*:*:*:*:*
cpe:2.3:a:sap:lt_replication_server:s4core_107:*:*:*:*:*:*:*
cpe:2.3:a:sap:lt_replication_server:s4core_108:*:*:*:*:*:*:*

History

12 Jan 2024, 17:04

Type Values Removed Values Added
CWE CWE-285 CWE-863
References () https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html - () https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html - Vendor Advisory
References () https://me.sap.com/notes/3407617 - () https://me.sap.com/notes/3407617 - Permissions Required
CPE cpe:2.3:a:sap:lt_replication_server:s4core_103:*:*:*:*:*:*:*
cpe:2.3:a:sap:lt_replication_server:s4core_106:*:*:*:*:*:*:*
cpe:2.3:a:sap:lt_replication_server:s4core_107:*:*:*:*:*:*:*
cpe:2.3:a:sap:lt_replication_server:s4core_105:*:*:*:*:*:*:*
cpe:2.3:a:sap:lt_replication_server:s4core_108:*:*:*:*:*:*:*
cpe:2.3:a:sap:lt_replication_server:s4core_104:*:*:*:*:*:*:*
First Time Sap lt Replication Server
Sap
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.2

09 Jan 2024, 01:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-01-09 01:15

Updated : 2024-02-28 20:54


NVD link : CVE-2024-21735

Mitre link : CVE-2024-21735

CVE.ORG link : CVE-2024-21735


JSON object : View

Products Affected

sap

  • lt_replication_server
CWE
CWE-863

Incorrect Authorization