Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2024-41734
HistoryAug 13, 2024 - 5:15 a.m.

CVE-2024-41734

2024-08-1305:15:13
CWE-862
[email protected]
web.nvd.nist.gov
3
cve-2024-41734
sap netweaver
auth check
disclosure
user information

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS

0

Percentile

14.7%

JSON

Due to missing authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform, an authenticated attacker could call an underlying transaction, which leads to disclosure of user related information. There is no impact on integrity or availability.

Affected configurations

Nvd
Node
sapnetweaver_application_server_abapMatchsap_basis_700
OR
sapnetweaver_application_server_abapMatchsap_basis_701
OR
sapnetweaver_application_server_abapMatchsap_basis_702
OR
sapnetweaver_application_server_abapMatchsap_basis_731
OR
sapnetweaver_application_server_abapMatchsap_basis_740
OR
sapnetweaver_application_server_abapMatchsap_basis_750
OR
sapnetweaver_application_server_abapMatchsap_basis_751
OR
sapnetweaver_application_server_abapMatchsap_basis_752
OR
sapnetweaver_application_server_abapMatchsap_basis_753
OR
sapnetweaver_application_server_abapMatchsap_basis_754
OR
sapnetweaver_application_server_abapMatchsap_basis_755
OR
sapnetweaver_application_server_abapMatchsap_basis_756
OR
sapnetweaver_application_server_abapMatchsap_basis_757
OR
sapnetweaver_application_server_abapMatchsap_basis_758
OR
sapnetweaver_application_server_abapMatchsap_basis_912
VendorProductVersionCPE
sapnetweaver_application_server_abapsap_basis_700cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_700:*:*:*:*:*:*:*
sapnetweaver_application_server_abapsap_basis_701cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_701:*:*:*:*:*:*:*
sapnetweaver_application_server_abapsap_basis_702cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_702:*:*:*:*:*:*:*
sapnetweaver_application_server_abapsap_basis_731cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_731:*:*:*:*:*:*:*
sapnetweaver_application_server_abapsap_basis_740cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_740:*:*:*:*:*:*:*
sapnetweaver_application_server_abapsap_basis_750cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_750:*:*:*:*:*:*:*
sapnetweaver_application_server_abapsap_basis_751cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_751:*:*:*:*:*:*:*
sapnetweaver_application_server_abapsap_basis_752cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_752:*:*:*:*:*:*:*
sapnetweaver_application_server_abapsap_basis_753cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_753:*:*:*:*:*:*:*
sapnetweaver_application_server_abapsap_basis_754cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_754:*:*:*:*:*:*:*
Rows per page:
1-10 of 151

Related

cve 1
cvelist 1
vulnrichment 1
nessus 1
cve
cve
CVE-2024-41734
2024-08-13 05:15:13
cvelist
cvelist
CVE-2024-41734 Missing Authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform
2024-08-13 04:18:03
vulnrichment
vulnrichment
CVE-2024-41734 Missing Authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform
2024-08-13 04:18:03
nessus
nessus
SAP NetWeaver AS ABAP Missing Authorization (3494349)
2024-08-15 00:00:00

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS

0

Percentile

14.7%

JSON
Related for NVD:CVE-2024-41734
cve1cvelist1vulnrichment1nessus1