CVE-2024-45284

{"id": "CVE-2024-45284", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cna@sap.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.4, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 0.9}]}, "published": "2024-09-10T05:15:12.407", "references": [{"url": "https://me.sap.com/notes/2256627", "source": "cna@sap.com"}, {"url": "https://url.sap/sapsecuritypatchday", "source": "cna@sap.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "cna@sap.com", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "An authenticated attacker with high privilege can use functions of SLCM transactions to which access should be restricted. This may result in an escalation of privileges causing low impact on integrity of the application."}, {"lang": "es", "value": "Un atacante autenticado con privilegios elevados puede utilizar funciones de transacciones SLCM a las que se deber\u00eda restringir el acceso. Esto puede dar lugar a una escalada de privilegios que tenga un impacto reducido en la integridad de la aplicaci\u00f3n."}], "lastModified": "2024-09-10T12:09:50.377", "sourceIdentifier": "cna@sap.com"}