CVE-2024-24739
Published Feb 13, 2024
Last updated a month ago
Overview
- Description
- SAP Bank Account Management (BAM) allows an authenticated user with restricted access to use functions which can result in escalation of privileges with low impact on confidentiality, integrity and availability of the application.
- Source
- cna@sap.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 6.3
- Impact score
- 3.4
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
- Severity
- MEDIUM
Weaknesses
- cna@sap.com
- CWE-862
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:bank_account_management:s4core_100:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FA1ACAD6-9068-4468-83B2-8CB61F325BEA"
},
{
"criteria": "cpe:2.3:a:sap:bank_account_management:s4core_101:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "76352086-0768-4A0F-91AB-BEE3CDA58AF9"
},
{
"criteria": "cpe:2.3:a:sap:bank_account_management:sap_fin_618:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5842D64D-C725-439A-82EA-A10FB0718DB5"
},
{
"criteria": "cpe:2.3:a:sap:bank_account_management:sap_fin_730:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D69CC7F0-A2F5-4C3F-80F6-F2397859A6C0"
}
],
"operator": "OR"
}
]
}
]