Lucene search
HistoryMay 14, 2024 - 4:17 p.m.
CVE-2024-33000
sap bank account management
privilege escalation
authorization check
low impact
confidentiality
system
CVSS3
3.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
AI Score
4.2
Confidence
High
EPSS
0
Percentile
9.0%
SAP Bank Account Management does not perform necessary authorization check for an authorized user, resulting in escalation of privileges. As a result, it has a low impact to confidentiality to the system.
Related
cve
cve
CVE-2024-33000
2024-05-14 16:17:13
cvelist
cvelist
CVE-2024-33000 Missing Authorization check in SAP Bank Account Management
2024-05-14 03:46:59
vulnrichment
vulnrichment
CVE-2024-33000 Missing Authorization check in SAP Bank Account Management
2024-05-14 03:46:59
CVSS3
3.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
AI Score
4.2
Confidence
High
EPSS
0
Percentile
9.0%
Related for NVD:CVE-2024-33000