mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-30 18:04:30 +00:00
145 lines
5.8 KiB
JSON
145 lines
5.8 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2024-34683",
|
|
"ASSIGNER": "cna@sap.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "An authenticated attacker can upload malicious\nfile to SAP Document Builder service. When the victim accesses this file, the\nattacker is allowed to access, modify, or make the related information\nunavailable in the victim\u2019s browser."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-434: Unrestricted Upload of File with Dangerous Type",
|
|
"cweId": "CWE-434"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "SAP_SE",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "SAP Document Builder",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "S4CORE 100"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "101"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "S4FND 102"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "103"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "104"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "105"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "106"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "107"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "108"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "SAP_BS_FND 702"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "731"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "746"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "747"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "748"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://me.sap.com/notes/3459379",
|
|
"refsource": "MISC",
|
|
"name": "https://me.sap.com/notes/3459379"
|
|
},
|
|
{
|
|
"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html",
|
|
"refsource": "MISC",
|
|
"name": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html"
|
|
}
|
|
]
|
|
},
|
|
"generator": {
|
|
"engine": "Vulnogram 0.2.0"
|
|
},
|
|
"source": {
|
|
"discovery": "UNKNOWN"
|
|
},
|
|
"impact": {
|
|
"cvss": [
|
|
{
|
|
"attackComplexity": "LOW",
|
|
"attackVector": "NETWORK",
|
|
"availabilityImpact": "LOW",
|
|
"baseScore": 6.5,
|
|
"baseSeverity": "MEDIUM",
|
|
"confidentialityImpact": "LOW",
|
|
"integrityImpact": "LOW",
|
|
"privilegesRequired": "LOW",
|
|
"scope": "CHANGED",
|
|
"userInteraction": "REQUIRED",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
|
|
"version": "3.1"
|
|
}
|
|
]
|
|
}
|
|
} |