CVE-2024-24742

🗓️ 13 Feb 2024 02:42:56Reported by sapType

SAP CRM WebClient UI version S4FND 102-106, WEBCUIF 701-801 XSS vulnerabilit

Reporter	Title	Published	Views	Family All 12
BDU FSTEC	The vulnerability of the user interface of the SAP CRM WebClient UI, which allows an attacker to perform XSS attacks.	3 Jun 202400:00	–	bdu_fstec
Circl	CVE-2024-24742	13 Feb 202404:31	–	circl
CNNVD	SAP CRM Cross-Site Scripting Vulnerability	13 Feb 202400:00	–	cnnvd
Cvelist	CVE-2024-24742 Cross-Site Scripting (XSS) vulnerability in SAP CRM (WebClient UI)	13 Feb 202402:42	–	cvelist
EUVD	EUVD-2024-22141	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in SAP products	15 Feb 202400:00	–	ncsc
NVD	CVE-2024-24742	13 Feb 202403:15	–	nvd
OSV	CVE-2024-24742	13 Feb 202403:15	–	osv
Prion	Cross site scripting	13 Feb 202403:15	–	prion
Positive Technologies	PT-2024-3898 · Sap · Sap Crm Webclient Ui	12 Feb 202400:00	–	ptsecurity

NVD

Vulners

Node

sap crm_-_webclient_uiMatchs4fnd_102

sap crm_-_webclient_uiMatchs4fnd_103

sap crm_-_webclient_uiMatchs4fnd_104

sap crm_-_webclient_uiMatchs4fnd_105

sap crm_-_webclient_uiMatchs4fnd_106

sap crm_-_webclient_uiMatchwebcuif_701

sap crm_-_webclient_uiMatchwebcuif_731

sap crm_-_webclient_uiMatchwebcuif_746

sap crm_-_webclient_uiMatchwebcuif_747

sap crm_-_webclient_uiMatchwebcuif_748

sap crm_-_webclient_uiMatchwebcuif_800

sap crm_-_webclient_uiMatchwebcuif_801

[
  {
    "defaultStatus": "unaffected",
    "product": "SAP CRM (WebClient UI)",
    "vendor": "SAP_SE",
    "versions": [
      {
        "status": "affected",
        "version": "S4FND 102"
      },
      {
        "status": "affected",
        "version": "S4FND 103"
      },
      {
        "status": "affected",
        "version": "S4FND 104"
      },
      {
        "status": "affected",
        "version": "S4FND 105"
      },
      {
        "status": "affected",
        "version": "S4FND 106"
      },
      {
        "status": "affected",
        "version": "WEBCUIF 701"
      },
      {
        "status": "affected",
        "version": "WEBCUIF 731"
      },
      {
        "status": "affected",
        "version": "WEBCUIF 746"
      },
      {
        "status": "affected",
        "version": "WEBCUIF 747"
      },
      {
        "status": "affected",
        "version": "WEBCUIF 748"
      },
      {
        "status": "affected",
        "version": "WEBCUIF 800"
      },
      {
        "status": "affected",
        "version": "WEBCUIF 801"
      }
    ]
  }
]

Source	Link
me	www.me.sap.com/notes/3158455
sap	www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

21 Nov 2024 08:59Current

4.3Medium risk

Vulners AI Score4.3

CVSS 3.14.1

EPSS0.00222

SSVC

CWE-79