admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2024/45xxx/CVE-2024-45286.json
CVE Team 55c5305d4e
"-Synchronized-Data."
2024-09-10 04:00:35 +00:00

145 lines
5.8 KiB
JSON
Raw Blame History

{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-45286",
"ASSIGNER": "cna@sap.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Due to lack of proper authorization checks when calling user, a function module in obsolete Tobin interface in SAP Production and Revenue Accounting allows unauthorized access that could lead to disclosure of highly sensitive data. There is no impact on integrity or availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization",
"cweId": "CWE-862"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SAP_SE",
"product": {
"product_data": [
{
"product_name": "SAP Production and Revenue Accounting (Tobin interface)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "S4CEXT 106"
},
{
"version_affected": "=",
"version_value": "S4CEXT 107"
},
{
"version_affected": "=",
"version_value": "S4CEXT 108"
},
{
"version_affected": "=",
"version_value": "IS-PRA 605"
},
{
"version_affected": "=",
"version_value": "IS-PRA 606"
},
{
"version_affected": "=",
"version_value": "IS-PRA 616"
},
{
"version_affected": "=",
"version_value": "IS-PRA 617"
},
{
"version_affected": "=",
"version_value": "IS-PRA 618"
},
{
"version_affected": "=",
"version_value": "IS-PRA 800"
},
{
"version_affected": "=",
"version_value": "IS-PRA 801"
},
{
"version_affected": "=",
"version_value": "IS-PRA 802"
},
{
"version_affected": "=",
"version_value": "IS-PRA 803"
},
{
"version_affected": "=",
"version_value": "IS-PRA 804"
},
{
"version_affected": "=",
"version_value": "IS-PRA 805"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://me.sap.com/notes/3488341",
"refsource": "MISC",
"name": "https://me.sap.com/notes/3488341"
},
{
"url": "https://url.sap/sapsecuritypatchday",
"refsource": "MISC",
"name": "https://url.sap/sapsecuritypatchday"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink