CVE-2024-47595

Published Nov 12, 2024

Last updated 3 days ago

Overview

Description: An attacker who gains local membership to sapsys group could replace local files usually protected by privileged access. On successful exploitation the attacker could cause high impact on confidentiality and integrity of the application.
Source: cna@sap.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.1
Impact score: 5.2
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Severity: HIGH

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo
cna@sap.com: CWE-266

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score: 1

CVE-2024-47595 (CVSS:7.1, HIGH) is Analyzed. An attacker who gains local membership to sapsys group could replace local files usually protected by privileged access...https://t.co/f9lVMVHJCt #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
17 Nov 2024
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:sap:host_agent:7.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E135017-1492-49F5-B3ED-F69D5476FB46"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References