SAP Shared Service Framework does not perform necessary
authorization check for an authenticated user, resulting in escalation of
privileges. On successful exploitation, an attacker can cause a high impact on
confidentiality of the application.
References
Link | Resource |
---|---|
https://me.sap.com/notes/3474590 | Permissions Required |
https://url.sap/sapsecuritypatchday | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
12 Sep 2024, 13:43
Type | Values Removed | Values Added |
---|---|---|
First Time |
Sap
Sap shared Service Framework |
|
References | () https://me.sap.com/notes/3474590 - Permissions Required | |
References | () https://url.sap/sapsecuritypatchday - Vendor Advisory | |
Summary |
|
|
CPE | cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_731:*:*:*:*:*:*:* cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_747:*:*:*:*:*:*:* cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_702:*:*:*:*:*:*:* cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_746:*:*:*:*:*:*:* cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_748:*:*:*:*:*:*:* |
13 Aug 2024, 04:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-13 04:15
Updated : 2024-09-12 13:43
NVD link : CVE-2024-42376
Mitre link : CVE-2024-42376
CVE.ORG link : CVE-2024-42376
JSON object : View
Products Affected
sap
- shared_service_framework
CWE
CWE-862
Missing Authorization