admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-217xx/CVE-2024-21735.json
cad-safe-bot 1c57b520c3 Auto-Update: 2024-01-30T23:00:41.061892+00:00
2024-01-30 23:00:44 +00:00

141 lines
4.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-21735",
"sourceIdentifier": "cna@sap.com",
"published": "2024-01-09T01:15:39.350",
"lastModified": "2024-01-30T22:15:53.150",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "SAP LT Replication Server - version S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107, S4CORE 108, does not perform necessary authorization checks. This could allow an attacker with high privileges to perform unintended actions, resulting in escalation of privileges, which has High impact on confidentiality, integrity and availability of the system.\n\n"
},
{
"lang": "es",
"value": "SAP LT Replication Server - versi\u00f3n S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107, S4CORE 108, no realizan las comprobaciones de autorizaci\u00f3n necesarias. Esto podr\u00eda permitir que un atacante con altos privilegios realice acciones no deseadas, lo que resultar\u00eda en una escalada de privilegios, lo que tiene un alto impacto en la confidencialidad, la integridad y la disponibilidad del sistema."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "cna@sap.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 0.7,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:lt_replication_server:s4core_103:*:*:*:*:*:*:*",
"matchCriteriaId": "B477DF53-4DBA-4F17-B852-FB004DF367E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:lt_replication_server:s4core_104:*:*:*:*:*:*:*",
"matchCriteriaId": "3676498C-2D40-407F-B181-A81E71895A2C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:lt_replication_server:s4core_105:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7A55BD-B074-485E-BB85-283EE1A2D93F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:lt_replication_server:s4core_106:*:*:*:*:*:*:*",
"matchCriteriaId": "EC139C41-C3D8-4481-8BDA-D5A12AC2AF39"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:lt_replication_server:s4core_107:*:*:*:*:*:*:*",
"matchCriteriaId": "D287F22B-0F48-444B-A665-CCE8A7992FD3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:lt_replication_server:s4core_108:*:*:*:*:*:*:*",
"matchCriteriaId": "85C3C978-D865-49DE-AC63-7FC1FE3ECC00"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3407617",
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink