admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2024/34xxx/CVE-2024-34689.json
CVE Team 816d547de7
"-Synchronized-Data."
2024-07-09 05:00:38 +00:00

145 lines
5.9 KiB
JSON
Raw Blame History

{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-34689",
"ASSIGNER": "cna@sap.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "WebFlow Services of SAP Business Workflow allows\nan authenticated attacker to enumerate accessible HTTP endpoints in the\ninternal network by specially crafting HTTP requests. On successful\nexploitation this can result in information disclosure. It has no impact on\nintegrity and availability of the application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-918: Server-Side Request Forgery",
"cweId": "CWE-918"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SAP_SE",
"product": {
"product_data": [
{
"product_name": "SAP Business Workflow (WebFlow Services)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "SAP_BASIS 700"
},
{
"version_affected": "=",
"version_value": "SAP_BASIS 701"
},
{
"version_affected": "=",
"version_value": "SAP_BASIS 702"
},
{
"version_affected": "=",
"version_value": "SAP_BASIS 731"
},
{
"version_affected": "=",
"version_value": "SAP_BASIS 740"
},
{
"version_affected": "=",
"version_value": "SAP_BASIS 750"
},
{
"version_affected": "=",
"version_value": "SAP_BASIS 751"
},
{
"version_affected": "=",
"version_value": "SAP_BASIS 752"
},
{
"version_affected": "=",
"version_value": "SAP_BASIS 753"
},
{
"version_affected": "=",
"version_value": "SAP_BASIS 754"
},
{
"version_affected": "=",
"version_value": "SAP_BASIS 755"
},
{
"version_affected": "=",
"version_value": "SAP_BASIS 756"
},
{
"version_affected": "=",
"version_value": "SAP_BASIS 757"
},
{
"version_affected": "=",
"version_value": "SAP_BASIS 758"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://url.sap/sapsecuritypatchday",
"refsource": "MISC",
"name": "https://url.sap/sapsecuritypatchday"
},
{
"url": "https://me.sap.com/notes/3458789",
"refsource": "MISC",
"name": "https://me.sap.com/notes/3458789"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink