Lucene search

[email protected]NVD:CVE-2024-44114

HistorySep 10, 2024 - 3:15 a.m.

CVE-2024-44114

2024-09-1003:15:03

CWE-863

[email protected]

web.nvd.nist.gov

sap netweaver

abap platform

data exposure

CVSS3

2.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

EPSS

Percentile

14.7%

JSON

SAP NetWeaver Application Server for ABAP and ABAP Platform allow users with high privileges to execute a program that reveals data over the network. This results in a minimal impact on confidentiality of the application.

Affected configurations

Nvd

Node

sapnetweaver_application_server_abapMatch702

sapnetweaver_application_server_abapMatch731

sapnetweaver_application_server_abapMatch740

sapnetweaver_application_server_abapMatch750

sapnetweaver_application_server_abapMatch751

sapnetweaver_application_server_abapMatch752

sapnetweaver_application_server_abapMatch753

sapnetweaver_application_server_abapMatch754

sapnetweaver_application_server_abapMatch755

sapnetweaver_application_server_abapMatch756

sapnetweaver_application_server_abapMatch757

sapnetweaver_application_server_abapMatch758

sapnetweaver_application_server_abapMatch912

VendorProductVersionCPE
sapnetweaver_application_server_abap702cpe:2.3:a:sap:netweaver_application_server_abap:702:*:*:*:*:*:*:*
sapnetweaver_application_server_abap731cpe:2.3:a:sap:netweaver_application_server_abap:731:*:*:*:*:*:*:*
sapnetweaver_application_server_abap740cpe:2.3:a:sap:netweaver_application_server_abap:740:*:*:*:*:*:*:*
sapnetweaver_application_server_abap750cpe:2.3:a:sap:netweaver_application_server_abap:750:*:*:*:*:*:*:*
sapnetweaver_application_server_abap751cpe:2.3:a:sap:netweaver_application_server_abap:751:*:*:*:*:*:*:*
sapnetweaver_application_server_abap752cpe:2.3:a:sap:netweaver_application_server_abap:752:*:*:*:*:*:*:*
sapnetweaver_application_server_abap753cpe:2.3:a:sap:netweaver_application_server_abap:753:*:*:*:*:*:*:*
sapnetweaver_application_server_abap754cpe:2.3:a:sap:netweaver_application_server_abap:754:*:*:*:*:*:*:*
sapnetweaver_application_server_abap755cpe:2.3:a:sap:netweaver_application_server_abap:755:*:*:*:*:*:*:*
sapnetweaver_application_server_abap756cpe:2.3:a:sap:netweaver_application_server_abap:756:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sap	netweaver_application_server_abap	702	cpe:2.3:a:sap:netweaver_application_server_abap:702:::::::*
sap	netweaver_application_server_abap	731	cpe:2.3:a:sap:netweaver_application_server_abap:731:::::::*
sap	netweaver_application_server_abap	740	cpe:2.3:a:sap:netweaver_application_server_abap:740:::::::*
sap	netweaver_application_server_abap	750	cpe:2.3:a:sap:netweaver_application_server_abap:750:::::::*
sap	netweaver_application_server_abap	751	cpe:2.3:a:sap:netweaver_application_server_abap:751:::::::*
sap	netweaver_application_server_abap	752	cpe:2.3:a:sap:netweaver_application_server_abap:752:::::::*
sap	netweaver_application_server_abap	753	cpe:2.3:a:sap:netweaver_application_server_abap:753:::::::*
sap	netweaver_application_server_abap	754	cpe:2.3:a:sap:netweaver_application_server_abap:754:::::::*
sap	netweaver_application_server_abap	755	cpe:2.3:a:sap:netweaver_application_server_abap:755:::::::*
sap	netweaver_application_server_abap	756	cpe:2.3:a:sap:netweaver_application_server_abap:756:::::::*

Rows per page:

1-10 of 131

References

me.sap.com/notes/3507252

url.sap/sapsecuritypatchday

CVSS3

2.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

EPSS

Percentile

14.7%

JSON

Related for NVD:CVE-2024-44114

vulnrichment1 cve1 cvelist1 nessus1