cve/2024/CVE-2024-39600.md

### [CVE-2024-39600](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39600)
![](https://img.shields.io/static/v1?label=Product&message=SAP%20GUI%20for%20Windows&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=BC-FES-GUI%208%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-200%3A%20Exposure%20of%20Sensitive%20Information%20to%20an%20Unauthorized%20Actor&color=brightgreen)

### Description

Under certain conditions, the memory of SAP GUIfor Windows contains the password used to log on to an SAP system, which mightallow an attacker to get hold of the password and impersonate the affecteduser. As a result, it has a high impact on the confidentiality but there is noimpact on the integrity and availability.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds