CVE-2024-24739

{"id": "CVE-2024-24739", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 2.8}]}, "published": "2024-02-13T03:15:08.780", "references": [{"url": "https://me.sap.com/notes/2637727", "tags": ["Permissions Required"], "source": "[email protected]"}, {"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://me.sap.com/notes/2637727", "tags": ["Permissions Required"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "SAP Bank Account Management (BAM) allows an authenticated user with restricted access to use functions which can result in escalation of privileges with low impact on confidentiality, integrity and availability of the application.\n\n"}, {"lang": "es", "value": "SAP Bank Account Management (BAM) permite que un usuario autenticado con acceso restringido utilice funciones que pueden resultar en una escalada de privilegios con bajo impacto en la confidencialidad, integridad y disponibilidad de la aplicaci\u00f3n."}], "lastModified": "2024-11-21T08:59:35.887", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sap:bank_account_management:s4core_100:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA1ACAD6-9068-4468-83B2-8CB61F325BEA"}, {"criteria": "cpe:2.3:a:sap:bank_account_management:s4core_101:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76352086-0768-4A0F-91AB-BEE3CDA58AF9"}, {"criteria": "cpe:2.3:a:sap:bank_account_management:sap_fin_618:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5842D64D-C725-439A-82EA-A10FB0718DB5"}, {"criteria": "cpe:2.3:a:sap:bank_account_management:sap_fin_730:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D69CC7F0-A2F5-4C3F-80F6-F2397859A6C0"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}