admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-330xx/CVE-2024-33005.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

407 lines
15 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-33005",
"sourceIdentifier": "cna@sap.com",
"published": "2024-08-13T04:15:07.740",
"lastModified": "2024-09-12T14:39:03.480",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Due to the missing authorization checks in the\nlocal systems, the admin users of SAP Web Dispatcher, SAP NetWeaver Application\nServer (ABAP and Java), and SAP Content Server can impersonate other users and\nmay perform some unintended actions. This could lead to a low impact on\nconfidentiality and a high impact on the integrity and availability of the\napplications."
},
{
"lang": "es",
"value": "Debido a la falta de comprobaciones de autorizaci\u00f3n en los sistemas locales, los usuarios administradores de SAP Web Dispatcher, SAP NetWeaver Application Server (ABAP y Java) y SAP Content Server pueden hacerse pasar por otros usuarios y realizar algunas acciones no deseadas. Esto podr\u00eda tener un impacto bajo en la confidencialidad y un impacto alto en la integridad y disponibilidad de las aplicaciones."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@sap.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.5
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_abap:kernel_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "816DBDA9-E4F1-476B-95B3-19758627E3A7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_abap:kernel_7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "E640D6CD-A1BA-46C5-B652-0A65F6FF17E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_abap:kernel_7.54:*:*:*:*:*:*:*",
"matchCriteriaId": "5A3C3F09-14C5-4E8C-93B4-40F444F3B9F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_abap:kernel_7.77:*:*:*:*:*:*:*",
"matchCriteriaId": "6F567192-ED9A-47B9-A386-0A83AB64948E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_abap:kernel_7.85:*:*:*:*:*:*:*",
"matchCriteriaId": "86C349D7-8F6C-42F4-9B8B-A7E0008FB3A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_abap:kernel_7.89:*:*:*:*:*:*:*",
"matchCriteriaId": "A548E7E7-EAB0-40B7-89BD-F7682F76FD45"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_abap:kernel_7.93:*:*:*:*:*:*:*",
"matchCriteriaId": "B3532BC5-507D-4517-A017-19E2B95A8FD9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_abap:krnl64nuc_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "BE1BE43A-6659-4C08-8194-F85FA47D7D81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_abap:krnl64nuc_7.22ext:*:*:*:*:*:*:*",
"matchCriteriaId": "4673CFDB-C17D-437B-8FE8-F0EA5BA97831"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_abap:krnl64uc_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "E415C122-70DF-478E-8493-4CF9E9AD934C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_abap:krnl64uc_7.22ext:*:*:*:*:*:*:*",
"matchCriteriaId": "FA5A9939-C663-4B52-97DB-64D80B40FB5F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_abap:krnl64uc_7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "9F5C3E99-E68D-4CC2-8F9B-779406AE8B1A"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_java:kernel_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "E0DB3FCF-F720-4DA5-AF2D-D0E3B1F2297E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_java:kernel_7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "7109185C-385B-451E-AD63-BC09BD06B1F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_java:kernel_7.54:*:*:*:*:*:*:*",
"matchCriteriaId": "D30D9CA9-4704-4CEA-AC05-C501ED5AAFCB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_java:kernel_7.77:*:*:*:*:*:*:*",
"matchCriteriaId": "FDDEDE97-D538-4899-BEC0-0A1AF88283F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_java:kernel_7.85:*:*:*:*:*:*:*",
"matchCriteriaId": "A80E509A-4262-41F0-92B4-1A3639F4B80D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_java:kernel_7.89:*:*:*:*:*:*:*",
"matchCriteriaId": "016D047B-F45A-4357-865F-75C6EB392FA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_java:kernel_7.93:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA04598-FB33-4DF1-A5B1-1433FB7BCA28"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_java:krnl64nuc_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "D41AD192-F087-441A-B875-3626AD1142F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_java:krnl64nuc_7.22ext:*:*:*:*:*:*:*",
"matchCriteriaId": "6F8A21AA-F5E0-4332-9654-DABDCA0C5363"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_java:krnl64uc_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "D31F22F6-7C40-4FDB-A8CE-EF63E9E7B220"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_java:krnl64uc_7.22ext:*:*:*:*:*:*:*",
"matchCriteriaId": "4CABDDC7-44AF-4F15-BEB0-C60EFE732B3E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_java:krnl64uc_7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "F373984D-DB7D-4FA8-B8B1-DA9F55B4CDE3"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:content_server:kernel_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "EA4E320D-178F-4F08-A9F6-8244148768EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:content_server:kernel_7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "414F67F4-A294-4097-B6E1-7FBBDEDB8AE0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:content_server:kernel_7.54:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0EDBD6-7716-4521-8E98-392DA6C6D7E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:content_server:kernel_7.77:*:*:*:*:*:*:*",
"matchCriteriaId": "36362B65-8434-404C-AAE6-D778E533B1DF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:content_server:kernel_7.85:*:*:*:*:*:*:*",
"matchCriteriaId": "BEF1E060-A7ED-4ED3-A514-FCDE6EE52C57"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:content_server:kernel_7.89:*:*:*:*:*:*:*",
"matchCriteriaId": "598F9F0F-82C7-4199-8E86-65D8D6FC2BA6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:content_server:kernel_7.93:*:*:*:*:*:*:*",
"matchCriteriaId": "FA38CCCD-9003-4A64-8646-66C4719C366F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:content_server:krnl64nuc_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "5C4003CF-11F3-4BF6-B976-37DC0BB5F881"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:content_server:krnl64nuc_7.22ext:*:*:*:*:*:*:*",
"matchCriteriaId": "70C658C4-2571-4C71-A4CA-82AA6A4E7259"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:content_server:krnl64uc_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "B0052599-8162-44D5-B7B6-72C3DD621DB6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:content_server:krnl64uc_7.22ext:*:*:*:*:*:*:*",
"matchCriteriaId": "E09C7350-983D-4D9D-B0EA-E1D9262EF6C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:content_server:krnl64uc_7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "4191B6B2-EC7E-460E-A98F-A239AF022454"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "A2E1A535-8362-454E-AC22-85C4E957CCF5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "A7E4BC89-114A-4EA3-A9E8-D956A26BCB18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.54:*:*:*:*:*:*:*",
"matchCriteriaId": "65A5FFAC-93F9-4204-9FA1-4D749D443173"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.77:*:*:*:*:*:*:*",
"matchCriteriaId": "E0098E57-6A7F-4CC6-8109-E2400E0FFFEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.85:*:*:*:*:*:*:*",
"matchCriteriaId": "E7ABB030-9A13-4194-A2A4-9623B2F22D7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.89:*:*:*:*:*:*:*",
"matchCriteriaId": "DB22EAAE-F75C-4902-9734-52B048D5D7B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:kernel_7.93:*:*:*:*:*:*:*",
"matchCriteriaId": "30459CD4-451D-4C3D-8FE2-17552F83D7CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:krnl64nuc_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "3CA8BFCF-0A55-4DEE-B426-1DEF04DA0464"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:krnl64nuc_7.22ext:*:*:*:*:*:*:*",
"matchCriteriaId": "54AE89EF-E64B-43C5-B9C2-8F41ACCD3482"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:krnl64uc_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "52C58E1D-8A91-451C-A1E1-85BE336DC763"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:krnl64uc_7.22ext:*:*:*:*:*:*:*",
"matchCriteriaId": "89262244-880C-41CB-A904-3B06D3A73460"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:krnl64uc_7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "3A8CD933-E217-445A-B244-C07625F9EE74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:webdisp_7.22_ext:*:*:*:*:*:*:*",
"matchCriteriaId": "715F51D3-00BA-4512-A8E4-FE32F4B176F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:webdisp_7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "5481831F-91CC-49DD-A54B-277A6E6D22AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:webdisp_7.54:*:*:*:*:*:*:*",
"matchCriteriaId": "F04B311B-7FCC-421E-BF3C-8D020245F83D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:webdisp_7.77:*:*:*:*:*:*:*",
"matchCriteriaId": "44FA685E-8C00-45E0-AC72-C21EA1DD66FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:webdisp_7.85:*:*:*:*:*:*:*",
"matchCriteriaId": "3905B636-9BD2-4D27-8CE8-35135F98B7BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:webdisp_7.89:*:*:*:*:*:*:*",
"matchCriteriaId": "F7B0AEE9-CD7F-47D5-8F3C-08E1BEE9E820"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:web_dispatcher:webdisp_7.93:*:*:*:*:*:*:*",
"matchCriteriaId": "C04CED5F-79E6-410C-8BA4-2F202810576A"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3438085",
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink