SAP BW/4HANA Transformation and Data Transfer
Process (DTP) allows an authenticated attacker to gain higher access levels
than they should have by exploiting improper authorization checks. This results
in escalation of privileges. It has no impact on the confidentiality of data
but may have low impacts on the integrity and availability of the application.
References
Link | Resource |
---|---|
https://me.sap.com/notes/3465455 | Permissions Required |
https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
09 Aug 2024, 18:42
Type | Values Removed | Values Added |
---|---|---|
First Time |
Sap bw\/4hana
Sap |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.4 |
CPE | cpe:2.3:a:sap:bw\/4hana:400:*:*:*:*:*:*:* cpe:2.3:a:sap:bw\/4hana:758:*:*:*:*:*:*:* cpe:2.3:a:sap:bw\/4hana:796:*:*:*:*:*:*:* cpe:2.3:a:sap:bw\/4hana:dw4core_200:*:*:*:*:*:*:* cpe:2.3:a:sap:bw\/4hana:754:*:*:*:*:*:*:* cpe:2.3:a:sap:bw\/4hana:753:*:*:*:*:*:*:* cpe:2.3:a:sap:bw\/4hana:751:*:*:*:*:*:*:* cpe:2.3:a:sap:bw\/4hana:300:*:*:*:*:*:*:* cpe:2.3:a:sap:bw\/4hana:752:*:*:*:*:*:*:* cpe:2.3:a:sap:bw\/4hana:sap_bw_740:*:*:*:*:*:*:* cpe:2.3:a:sap:bw\/4hana:755:*:*:*:*:*:*:* cpe:2.3:a:sap:bw\/4hana:757:*:*:*:*:*:*:* cpe:2.3:a:sap:bw\/4hana:756:*:*:*:*:*:*:* cpe:2.3:a:sap:bw\/4hana:750:*:*:*:*:*:*:* |
|
References | () https://me.sap.com/notes/3465455 - Permissions Required | |
References | () https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html - Patch, Vendor Advisory |
11 Jun 2024, 13:54
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
11 Jun 2024, 03:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-06-11 03:15
Updated : 2024-08-09 18:42
NVD link : CVE-2024-37176
Mitre link : CVE-2024-37176
CVE.ORG link : CVE-2024-37176
JSON object : View
Products Affected
sap
- bw\/4hana
CWE
CWE-862
Missing Authorization