CVE-2024-47592

Published Nov 12, 2024

Last updated 3 months ago

CVSS medium 5.3

Overview

Description: SAP NetWeaver AS Java allows an unauthenticated attacker to brute force the login functionality in order to identify the legitimate user IDs. This has an impact on confidentiality but not on integrity or availability.
Source: cna@sap.com
NVD status: Awaiting Analysis

Risk scores

CVSS 3.1

Type: Secondary
Base score: 5.3
Impact score: 1.4
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Severity: MEDIUM

Weaknesses

cna@sap.com: CWE-307

Hype score: Not currently trending

CVE-2024-47592 SAP NetWeaver AS Java allows an unauthenticated attacker to brute force the login functionality in order to identify the legitimate user IDs. This has an impact on co… https://t.co/NHKkruBYHl
@CVEnew
12 Nov 2024
409 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

References