Lucene search
SapCVE-2024-44114HistorySep 10, 2024 - 3:15 a.m.
CVE-2024-44114
2024-09-1003:15:03
CWE-863
sap
web.nvd.nist.gov
24
sap
netweaver
abap
data exposure
network vulnerability
CVSS3
2.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
AI Score
7.1
Confidence
High
EPSS
0
Percentile
14.7%
SAP NetWeaver Application Server for ABAP and ABAP Platform allow users with high privileges to execute a program that reveals data over the network. This results in a minimal impact on confidentiality of the application.
Affected configurations
Node
sapnetweaver_application_server_abapMatch702
ORsapnetweaver_application_server_abapMatch731
ORsapnetweaver_application_server_abapMatch740
ORsapnetweaver_application_server_abapMatch750
ORsapnetweaver_application_server_abapMatch751
ORsapnetweaver_application_server_abapMatch752
ORsapnetweaver_application_server_abapMatch753
ORsapnetweaver_application_server_abapMatch754
ORsapnetweaver_application_server_abapMatch755
ORsapnetweaver_application_server_abapMatch756
ORsapnetweaver_application_server_abapMatch757
ORsapnetweaver_application_server_abapMatch758
ORsapnetweaver_application_server_abapMatch912
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sap | netweaver_application_server_abap | 702 | cpe:2.3:a:sap:netweaver_application_server_abap:702:*:*:*:*:*:*:* |
| sap | netweaver_application_server_abap | 731 | cpe:2.3:a:sap:netweaver_application_server_abap:731:*:*:*:*:*:*:* |
| sap | netweaver_application_server_abap | 740 | cpe:2.3:a:sap:netweaver_application_server_abap:740:*:*:*:*:*:*:* |
| sap | netweaver_application_server_abap | 750 | cpe:2.3:a:sap:netweaver_application_server_abap:750:*:*:*:*:*:*:* |
| sap | netweaver_application_server_abap | 751 | cpe:2.3:a:sap:netweaver_application_server_abap:751:*:*:*:*:*:*:* |
| sap | netweaver_application_server_abap | 752 | cpe:2.3:a:sap:netweaver_application_server_abap:752:*:*:*:*:*:*:* |
| sap | netweaver_application_server_abap | 753 | cpe:2.3:a:sap:netweaver_application_server_abap:753:*:*:*:*:*:*:* |
| sap | netweaver_application_server_abap | 754 | cpe:2.3:a:sap:netweaver_application_server_abap:754:*:*:*:*:*:*:* |
| sap | netweaver_application_server_abap | 755 | cpe:2.3:a:sap:netweaver_application_server_abap:755:*:*:*:*:*:*:* |
| sap | netweaver_application_server_abap | 756 | cpe:2.3:a:sap:netweaver_application_server_abap:756:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "SAP NetWeaver Application Server for ABAP and ABAP Platform",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "702"
},
{
"status": "affected",
"version": "731"
},
{
"status": "affected",
"version": "740"
},
{
"status": "affected",
"version": "750"
},
{
"status": "affected",
"version": "751"
},
{
"status": "affected",
"version": "752"
},
{
"status": "affected",
"version": "753"
},
{
"status": "affected",
"version": "754"
},
{
"status": "affected",
"version": "755"
},
{
"status": "affected",
"version": "756"
},
{
"status": "affected",
"version": "757"
},
{
"status": "affected",
"version": "758"
},
{
"status": "affected",
"version": "912"
}
]
}
]Related
vulnrichment
vulnrichment
nessus
nessus
SAP NetWeaver AS ABAP Information Disclosure (3507252)
2024-09-13 00:00:00
cvelist
cvelist
nvd
nvd
CVE-2024-44114
2024-09-10 03:15:03
CVSS3
2.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
AI Score
7.1
Confidence
High
EPSS
0
Percentile
14.7%
Related for CVE-2024-44114