CVE-2024-47595

Published Nov 12, 2024

Last updated 3 months ago

Overview

Description: An attacker who gains local membership to sapsys group could replace local files usually protected by privileged access. On successful exploitation the attacker could cause high impact on confidentiality and integrity of the application.
Source: cna@sap.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.1
Impact score: 5.2
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Severity: HIGH

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo
cna@sap.com: CWE-266

Hype score: Not currently trending

CVE-2024-47595 (CVSS:7.1, HIGH) is Analyzed. An attacker who gains local membership to sapsys group could replace local files usually protected by privileged access...https://t.co/f9lVMVHJCt #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
17 Nov 2024
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:sap:host_agent:7.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E135017-1492-49F5-B3ED-F69D5476FB46"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References