CVE-2024-24741
Last modified
CVE-2024-24741 is a medium-severity vulnerability rated 4.3/10 on the CVSS scale. SAP Master Data Governance for Material Data - versions 618, 619, 620, 621, 622, 800, 801, 802, 803, 804, does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. This could allow an attacker to read some sensitive information but no impact to integrity and availability. . EPSS estimates a 0.32% chance of exploitation in the next 30 days.
Description
SAP Master Data Governance for Material Data - versions 618, 619, 620, 621, 622, 800, 801, 802, 803, 804, does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. This could allow an attacker to read some sensitive information but no impact to integrity and availability.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Sap | Master Data Governance For Material Data | 618 |
| Sap | Master Data Governance For Material Data | 619 |
| Sap | Master Data Governance For Material Data | 620 |
| Sap | Master Data Governance For Material Data | 621 |
| Sap | Master Data Governance For Material Data | 622 |
| Sap | Master Data Governance For Material Data | 800 |
| Sap | Master Data Governance For Material Data | 801 |
| Sap | Master Data Governance For Material Data | 802 |
| Sap | Master Data Governance For Material Data | 803 |
| Sap | Master Data Governance For Material Data | 804 |
References
- https://me.sap.com/notes/2897391Permissions Required
- https://me.sap.com/notes/2897391Permissions Required
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2024-24741?
How severe is CVE-2024-24741?
How do I fix CVE-2024-24741?
Are you affected by CVE-2024-24741?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST