CVE-2024-42377

🗓️ 13 Aug 2024 03:41:55Reported by sapType

SAP shared service framework allows non-admin user to insert value entrie

Reporter	Title	Published	Views	Family All 7
Circl	CVE-2024-42377	13 Aug 202407:03	–	circl
Cvelist	CVE-2024-42377 Multiple Missing Authorization Check vulnerabilities in SAP Shared Service Framework	13 Aug 202403:41	–	cvelist
EUVD	EUVD-2024-39582	3 Oct 202520:07	–	euvd
NVD	CVE-2024-42377	13 Aug 202404:15	–	nvd
Positive Technologies	PT-2024-6828 · Sap · Sap Shared Service Framework	12 Aug 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-42377	23 May 202506:37	–	redhatcve
Vulnrichment	CVE-2024-42377 Multiple Missing Authorization Check vulnerabilities in SAP Shared Service Framework	13 Aug 202403:41	–	vulnrichment

NVD

Vulners

Node

sap shared_service_frameworkMatchsap_bs_fnd_702

sap shared_service_frameworkMatchsap_bs_fnd_731

sap shared_service_frameworkMatchsap_bs_fnd_746

sap shared_service_frameworkMatchsap_bs_fnd_747

sap shared_service_frameworkMatchsap_bs_fnd_748

[
  {
    "defaultStatus": "unaffected",
    "product": "SAP Shared Service Framework",
    "vendor": "SAP_SE",
    "versions": [
      {
        "status": "affected",
        "version": "SAP_BS_FND 702"
      },
      {
        "status": "affected",
        "version": "731"
      },
      {
        "status": "affected",
        "version": "746"
      },
      {
        "status": "affected",
        "version": "747"
      },
      {
        "status": "affected",
        "version": "748"
      }
    ]
  }
]

Source	Link
url	www.url.sap/sapsecuritypatchday
me	www.me.sap.com/notes/3474590

12 Sep 2024 13:42Current

4.6Medium risk

Vulners AI Score4.6

CVSS 3.14.3

EPSS0.00188

SSVC

CWE-862