7 matches found
CVE-2024-32731
SAP My Travel Requests does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation, the attacker can upload a malicious attachment to a business trip request which will lead to a low impact on the confidentiality,...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to SAP My Travel Requests privilege excalation vulnerability [ CVE-2024-32731]
Summary Potential SAP My Travel Requests privilege excalation vulnerability CVE-2024-32731 have been identified that could affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details...
SAP My Travel Requests Authorization Issues Vulnerability
SAP My Travel Requests is a transactional application from SAP, USA. An authorization issue vulnerability exists in SAP My Travel Requests, which stems from a failure to perform the required authorization checks on authenticated users, and can be exploited by an attacker to cause an escalation of...
CVE-2024-32731
SAP My Travel Requests contains a privilege-escalation vulnerability due to missing authorization checks for authenticated users. Exploitation could allow an attacker to upload a malicious attachment to a business trip request, with low impact on confidentiality, integrity and availability as des...
CVE-2024-32731 Missing Authorization check in SAP My Travel Requests
SAP My Travel Requests does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation, the attacker can upload a malicious attachment to a business trip request which will lead to a low impact on the confidentiality,...
CVE-2024-32731 Missing Authorization check in SAP My Travel Requests
SAP My Travel Requests does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation, the attacker can upload a malicious attachment to a business trip request which will lead to a low impact on the confidentiality,...
CVE-2023-24528
SAP Fiori apps for Travel Management in SAP ERP My Travel Requests - version 600, allows an authenticated attacker to exploit a certain misconfigured application endpoint to view sensitive data. This endpoint is normally exposed over the network and successful exploitation can lead to exposure of...