SAP shared service framework allows an
authenticated non-administrative user to call a remote-enabled function, which
will allow them to insert value entries into a non-sensitive table, causing low
impact on integrity of the application
References
Link | Resource |
---|---|
https://me.sap.com/notes/3474590 | Permissions Required |
https://url.sap/sapsecuritypatchday | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
12 Sep 2024, 13:42
Type | Values Removed | Values Added |
---|---|---|
First Time |
Sap shared Service Framework
Sap |
|
Summary |
|
|
References | () https://me.sap.com/notes/3474590 - Permissions Required | |
References | () https://url.sap/sapsecuritypatchday - Vendor Advisory | |
CPE | cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_746:*:*:*:*:*:*:* cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_747:*:*:*:*:*:*:* cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_748:*:*:*:*:*:*:* cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_702:*:*:*:*:*:*:* cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_731:*:*:*:*:*:*:* |
13 Aug 2024, 04:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-13 04:15
Updated : 2024-09-12 13:42
NVD link : CVE-2024-42377
Mitre link : CVE-2024-42377
CVE.ORG link : CVE-2024-42377
JSON object : View
Products Affected
sap
- shared_service_framework
CWE
CWE-862
Missing Authorization