admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-371xx/CVE-2024-37178.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

72 lines
2.5 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-37178",
"sourceIdentifier": "cna@sap.com",
"published": "2024-06-11T02:15:09.487",
"lastModified": "2024-11-21T09:23:22.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP Financial Consolidation does not\nsufficiently encode user-controlled inputs, resulting in Cross-Site Scripting\n(XSS) vulnerability. These endpoints are exposed over the network. The\nvulnerability can exploit resources beyond the vulnerable component. On\nsuccessful exploitation, an attacker can cause limited impact to\nconfidentiality of the application."
},
{
"lang": "es",
"value": "SAP Financial Consolidation no codifica suficientemente las entradas controladas por el usuario, lo que genera una vulnerabilidad de Cross-Site Scripting (XSS). Estos endpoints est\u00e1n expuestos a trav\u00e9s de la red. La vulnerabilidad puede explotar recursos m\u00e1s all\u00e1 del componente vulnerable. Si la explotaci\u00f3n tiene \u00e9xito, un atacante puede causar un impacto limitado en la confidencialidad de la aplicaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@sap.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cna@sap.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3457592",
"source": "cna@sap.com"
},
{
"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html",
"source": "cna@sap.com"
},
{
"url": "https://me.sap.com/notes/3457592",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink