CVE-2024-42376

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
13/08/2024
Last modified:
12/09/2024

Description

SAP Shared Service Framework does not perform necessary<br /> authorization check for an authenticated user, resulting in escalation of<br /> privileges. On successful exploitation, an attacker can cause a high impact on<br /> confidentiality of the application.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_702:*:*:*:*:*:*:*
cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_731:*:*:*:*:*:*:*
cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_746:*:*:*:*:*:*:*
cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_747:*:*:*:*:*:*:*
cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_748:*:*:*:*:*:*:*