CVE-2024-37173

🗓️ 09 Jul 2024 04:15:12Reported by [email protected]Type

nvd

nvd🔗 web.nvd.nist.gov👁 15 Views

Due to insufficient input validation, SAP CRM WebClient UI allows an unauthenticated attacker to execute malicious script via crafted UR

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2024-37173	9 Jul 202406:48	–	circl
CNNVD	SAP CRM Cross-Site Scripting Vulnerability	9 Jul 202400:00	–	cnnvd
CVE	CVE-2024-37173	9 Jul 202403:57	–	cve
Cvelist	CVE-2024-37173 [Multiple CVEs] Multiple vulnerabilities in SAP CRM (WebClient UI)	9 Jul 202403:57	–	cvelist
EUVD	EUVD-2024-36479	3 Oct 202520:07	–	euvd
OSV	CVE-2024-37173	9 Jul 202404:15	–	osv
Positive Technologies	PT-2024-27355 · Sap · Sap Crm Webclient Ui	8 Jul 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-37173	23 May 202507:43	–	redhatcve
Vulnrichment	CVE-2024-37173 [Multiple CVEs] Multiple vulnerabilities in SAP CRM (WebClient UI)	9 Jul 202403:57	–	vulnrichment

NVD

Node

sap customer_relationship_management_s4fndMatch102

OR

sap customer_relationship_management_s4fndMatch103

OR

sap customer_relationship_management_s4fndMatch104

OR

sap customer_relationship_management_s4fndMatch105

OR

sap customer_relationship_management_s4fndMatch106

OR

sap customer_relationship_management_s4fndMatch107

OR

sap customer_relationship_management_s4fndMatch108

OR

sap customer_relationship_management_webclient_uiMatch701

OR

sap customer_relationship_management_webclient_uiMatch731

OR

sap customer_relationship_management_webclient_uiMatch746

OR

sap customer_relationship_management_webclient_uiMatch747

OR

sap customer_relationship_management_webclient_uiMatch748

OR

sap customer_relationship_management_webclient_uiMatch800

OR

sap customer_relationship_management_webclient_uiMatch801

Source	Link
url	www.url.sap/sapsecuritypatchday
me	www.me.sap.com/notes/3467377

17 Jun 2026 07:37Current

CVSS 3.16.1

EPSS0.00266

sap crm webclient input validation unauthenticated attacker malicious script crafted url information access