CVE-2024-28164

Published: Jun 11, 2024Modified: Nov 21, 2024

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

SAP NetWeaver AS Java (CAF - Guided Procedures) allows an unauthenticated user to access non-sensitive information about the server which would otherwise be restricted causing low impact on confidentiality of the application.

Affected (1)

Products: Sap: Netweaver Application Server Java

Sap

1 product

Netweaver Application Server Java

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sap Netweaver Application Server Java	Version gp-core_7.5

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

https://me.sap.com/notes/3425571

Source: cna@sap.com

Permissions Required

https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html

Source: cna@sap.com

Vendor Advisory

https://me.sap.com/notes/3425571

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions Required

https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.