SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application.
References
Link | Resource |
---|---|
https://me.sap.com/notes/3477423 | Permissions Required |
https://url.sap/sapsecuritypatchday | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
12 Sep 2024, 13:29
Type | Values Removed | Values Added |
---|---|---|
References | () https://me.sap.com/notes/3477423 - Permissions Required | |
References | () https://url.sap/sapsecuritypatchday - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.3 |
First Time |
Sap document Builder
Sap |
|
Summary |
|
|
CPE | cpe:2.3:a:sap:document_builder:sap_bs_fnd_748:*:*:*:*:*:*:* cpe:2.3:a:sap:document_builder:s4fnd_102:*:*:*:*:*:*:* cpe:2.3:a:sap:document_builder:sap_bs_fnd_747:*:*:*:*:*:*:* cpe:2.3:a:sap:document_builder:s4fnd_103:*:*:*:*:*:*:* cpe:2.3:a:sap:document_builder:sap_bs_fnd_702:*:*:*:*:*:*:* cpe:2.3:a:sap:document_builder:sap_bs_fnd_731:*:*:*:*:*:*:* cpe:2.3:a:sap:document_builder:s4fnd_104:*:*:*:*:*:*:* cpe:2.3:a:sap:document_builder:s4fnd_106:*:*:*:*:*:*:* cpe:2.3:a:sap:document_builder:s4fnd_108:*:*:*:*:*:*:* cpe:2.3:a:sap:document_builder:sap_bs_fnd_746:*:*:*:*:*:*:* cpe:2.3:a:sap:document_builder:s4fnd_105:*:*:*:*:*:*:* cpe:2.3:a:sap:document_builder:s4fnd_107:*:*:*:*:*:*:* |
13 Aug 2024, 05:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-13 05:15
Updated : 2024-09-12 13:29
NVD link : CVE-2024-39591
Mitre link : CVE-2024-39591
CVE.ORG link : CVE-2024-39591
JSON object : View
Products Affected
sap
- document_builder
CWE
CWE-862
Missing Authorization