CVE-2024-39596 [CVE-2024-39596] Missing Authorization check vulnerability in SAP Enable Now

🗓️ 09 Jul 2024 04:25:57Reported by sapType

Missing Authorization check vulnerability in SAP Enable Now allows privilege escalatio

Reporter	Title	Published	Views	Family All 9
BDU FSTEC	The vulnerability of the SAP Enable Now program for creating and managing training materials, related to deficiencies in the authentication process, allows a user to escalate their privileges and gain unauthorized access to protected information.	27 Dec 202400:00	–	bdu_fstec
Circl	CVE-2024-39596	9 Jul 202407:38	–	circl
CNNVD	SAP Enable Now 安全漏洞	9 Jul 202400:00	–	cnnvd
CNVD	SAP Enable Now Authorization Issues Vulnerability	19 Jul 202400:00	–	cnvd
CVE	CVE-2024-39596	9 Jul 202404:25	–	cve
EUVD	EUVD-2024-38116	3 Oct 202520:07	–	euvd
NVD	CVE-2024-39596	9 Jul 202405:15	–	nvd
RedhatCVE	CVE-2024-39596	23 May 202509:39	–	redhatcve
Vulnrichment	CVE-2024-39596 [CVE-2024-39596] Missing Authorization check vulnerability in SAP Enable Now	9 Jul 202404:25	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "SAP Enable Now",
    "vendor": "SAP_SE",
    "versions": [
      {
        "status": "affected",
        "version": "WPB_MANAGER_CE 10"
      },
      {
        "status": "affected",
        "version": "WPB_MANAGER_HANA 10"
      },
      {
        "status": "affected",
        "version": "ENABLE_NOW_CONSUMP_DEL 1704"
      }
    ]
  }
]

Source	Link
url	www.url.sap/sapsecuritypatchday
me	www.me.sap.com/notes/3476348

09 Jul 2024 04:25Current

CVSS 3.14.3

EPSS0.00143

CWE-862