admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-417xx/CVE-2024-41728.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

177 lines
6.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-41728",
"sourceIdentifier": "cna@sap.com",
"published": "2024-09-10T04:15:04.470",
"lastModified": "2024-09-16T14:14:52.840",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Due to missing authorization check, SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker logged in as a developer to read objects contained in a package. This causes an impact on confidentiality, as this attacker would otherwise not have access to view these objects."
},
{
"lang": "es",
"value": "Debido a la falta de verificaci\u00f3n de autorizaci\u00f3n, SAP NetWeaver Application Server para ABAP y ABAP Platform permite que un atacante que haya iniciado sesi\u00f3n como desarrollador lea objetos incluidos en un paquete. Esto afecta la confidencialidad, ya que, de lo contrario, el atacante no tendr\u00eda acceso para ver estos objetos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@sap.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 2.7,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 2.7,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:700:*:*:*:*:*:*:*",
"matchCriteriaId": "C5A3C915-0E5F-4B1A-B1EB-5ADEA517F620"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:701:*:*:*:*:*:*:*",
"matchCriteriaId": "98B2522A-B850-4EC2-B2F2-5EBF36801B39"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:702:*:*:*:*:*:*:*",
"matchCriteriaId": "706FEB9E-3EE9-405E-A8C9-733DAF68AC6D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:731:*:*:*:*:*:*:*",
"matchCriteriaId": "5CC29738-CF17-4E6B-9C9E-879B17F7E001"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:740:*:*:*:*:*:*:*",
"matchCriteriaId": "127E508F-6CC1-41C8-96DF-8D14FFDD4020"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:750:*:*:*:*:*:*:*",
"matchCriteriaId": "7777AA80-1608-420E-B7D5-09ABECD51728"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:751:*:*:*:*:*:*:*",
"matchCriteriaId": "0539618A-1C4D-463F-B2BB-DD1C239C23EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:752:*:*:*:*:*:*:*",
"matchCriteriaId": "62828DCD-F80E-4C7C-A988-EFEA06A5223E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:753:*:*:*:*:*:*:*",
"matchCriteriaId": "D9F38585-73AE-4DBB-A978-F0272DF8FB58"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:754:*:*:*:*:*:*:*",
"matchCriteriaId": "D416C064-BB8A-4230-A761-84A93E017F79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:755:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8D3EA0-28E6-4333-8C67-B9D3775EB9BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:756:*:*:*:*:*:*:*",
"matchCriteriaId": "72491771-4492-4902-9F0C-CE6A60BAA705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:757:*:*:*:*:*:*:*",
"matchCriteriaId": "421A5354-F764-402B-A3A4-2D746EACEB46"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:758:*:*:*:*:*:*:*",
"matchCriteriaId": "48DFFD36-0A4A-417F-9BC5-77FD4152B637"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:912:*:*:*:*:*:*:*",
"matchCriteriaId": "D2F8173D-96E8-4194-9927-681AFF56B3F0"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3496410",
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com",
"tags": [
"Patch"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink