mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
121 lines
4.7 KiB
JSON
121 lines
4.7 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2024-24740",
|
|
"ASSIGNER": "cna@sap.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "SAP NetWeaver Application Server (ABAP) - versions KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.93, KERNEL 7.94, KRNL64UC 7.53, under certain conditions,\u00a0allows an attacker to access information which could otherwise be restricted with low impact on confidentiality of the application.\n\n"
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
|
|
"cweId": "CWE-200"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "SAP_SE",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "SAP NetWeaver Application Server ABAP (SAP Kernel)",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "KERNEL 7.53"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "KERNEL 7.54"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "KERNEL 7.77"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "KERNEL 7.85"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "KERNEL 7.89"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "KERNEL 7.93"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "KERNEL 7.94"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "KRNL64UC 7.53"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://me.sap.com/notes/3360827",
|
|
"refsource": "MISC",
|
|
"name": "https://me.sap.com/notes/3360827"
|
|
},
|
|
{
|
|
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
|
|
"refsource": "MISC",
|
|
"name": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
|
|
}
|
|
]
|
|
},
|
|
"generator": {
|
|
"engine": "Vulnogram 0.1.0-dev"
|
|
},
|
|
"source": {
|
|
"discovery": "UNKNOWN"
|
|
},
|
|
"impact": {
|
|
"cvss": [
|
|
{
|
|
"attackComplexity": "LOW",
|
|
"attackVector": "NETWORK",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 5.3,
|
|
"baseSeverity": "MEDIUM",
|
|
"confidentialityImpact": "LOW",
|
|
"integrityImpact": "NONE",
|
|
"privilegesRequired": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"userInteraction": "NONE",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
|
"version": "3.1"
|
|
}
|
|
]
|
|
}
|
|
} |