Lucene search

[email protected]NVD:CVE-2024-25644

HistoryMar 12, 2024 - 1:15 a.m.

CVE-2024-25644

2024-03-1201:15:49

CWE-732

[email protected]

web.nvd.nist.gov

sap

netweaver

wsrm

vulnerability

2024-25644

information access

confidentiality

low impact

integrity

availability

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

5.4

Confidence

High

EPSS

Percentile

9.0%

JSON

Under certain conditions SAP NetWeaver WSRM - version 7.50, allows an attacker to access information which would otherwise be restricted, causing low impact on Confidentiality with no impact on Integrity and Availability of the application.

References

me.sap.com/notes/3425682

support.sap.com/en/my-support/knowledge-base/security-notes-news.html?anchorId=section_370125364

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

5.4

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for NVD:CVE-2024-25644

cve1 prion1 cvelist1 vulnrichment1