CVE-2024-42376 Multiple Missing Authorization Check vulnerabilities in SAP Shared Service Framework

🗓️ 13 Aug 2024 03:39:04Reported by sapType

SAP Shared Service Framework Missing Authorization Check CVE-2024-42376

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability of the SAP Shared Service Framework’s network service management software, related to deficiencies in the authentication process, allows a perpetrator to gain unauthorized access to protected information.	16 Sep 202400:00	–	bdu_fstec
Circl	CVE-2024-42376	13 Aug 202407:03	–	circl
CNNVD	SAP Shared Service Framework 安全漏洞	13 Aug 202400:00	–	cnnvd
CVE	CVE-2024-42376	13 Aug 202403:39	–	cve
EUVD	EUVD-2024-39581	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in SAP products	13 Aug 202413:47	–	ncsc
NVD	CVE-2024-42376	13 Aug 202404:15	–	nvd
OSV	CVE-2024-42376	13 Aug 202404:15	–	osv
Positive Technologies	PT-2024-6127	12 Aug 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-42376	23 May 202506:37	–	redhatcve

[
  {
    "defaultStatus": "unaffected",
    "product": "SAP Shared Service Framework",
    "vendor": "SAP_SE",
    "versions": [
      {
        "status": "affected",
        "version": "SAP_BS_FND 702"
      },
      {
        "status": "affected",
        "version": "731"
      },
      {
        "status": "affected",
        "version": "746"
      },
      {
        "status": "affected",
        "version": "747"
      },
      {
        "status": "affected",
        "version": "748"
      }
    ]
  }
]

Source	Link
url	www.url.sap/sapsecuritypatchday
me	www.me.sap.com/notes/3474590

13 Aug 2024 03:39Current

CVSS 3.16.5

EPSS0.00321

CWE-862