Lucene search

[email protected]NVD:CVE-2024-41736

HistoryAug 13, 2024 - 4:15 a.m.

CVE-2024-41736

2024-08-1304:15:09

CWE-200

[email protected]

web.nvd.nist.gov

sap permit to work

authenticated attacker

restricted information

confidentiality

low impact

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS

Percentile

14.7%

JSON

Under certain conditions SAP Permit to Work
allows an authenticated attacker to access information which would otherwise be
restricted causing low impact on the confidentiality of the application.

Affected configurations

Nvd

Node

sappermit_to_workMatchuis4hop1_800

sappermit_to_workMatchuis4hop1_900

VendorProductVersionCPE
sappermit_to_workuis4hop1_800cpe:2.3:a:sap:permit_to_work:uis4hop1_800:*:*:*:*:*:*:*
sappermit_to_workuis4hop1_900cpe:2.3:a:sap:permit_to_work:uis4hop1_900:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sap	permit_to_work	uis4hop1_800	cpe:2.3:a:sap:permit_to_work:uis4hop1_800:::::::*
sap	permit_to_work	uis4hop1_900	cpe:2.3:a:sap:permit_to_work:uis4hop1_900:::::::*

References

me.sap.com/notes/3475427

url.sap/sapsecuritypatchday

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS

Percentile

14.7%

JSON

Related for NVD:CVE-2024-41736

cvelist1 vulnrichment1 cve1