admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-423xx/CVE-2024-42377.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

127 lines
3.9 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-42377",
"sourceIdentifier": "cna@sap.com",
"published": "2024-08-13T04:15:11.290",
"lastModified": "2024-09-12T13:42:11.890",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP shared service framework allows an\nauthenticated non-administrative user to call a remote-enabled function, which\nwill allow them to insert value entries into a non-sensitive table, causing low\nimpact on integrity of the application"
},
{
"lang": "es",
"value": "El framework de servicios compartidos de SAP permite a un usuario no administrativo autenticado llamar a una funci\u00f3n habilitada de forma remota, lo que le permitir\u00e1 insertar entradas de valores en una tabla no confidencial, lo que causa un bajo impacto en la integridad de la aplicaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@sap.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_702:*:*:*:*:*:*:*",
"matchCriteriaId": "5AC1EAA0-7B20-4B4C-9F7D-8F7832D91BCE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_731:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE56A04-ADDE-4A27-87CA-C801DFA5CD80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_746:*:*:*:*:*:*:*",
"matchCriteriaId": "36822481-BB89-421A-99D5-33854E6080B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_747:*:*:*:*:*:*:*",
"matchCriteriaId": "6BA0ED8A-F75D-49DF-BD37-CD3273E2F8E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_748:*:*:*:*:*:*:*",
"matchCriteriaId": "6852223A-C675-4F29-92E4-90092DBDF11E"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3474590",
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink