← Back

Shared Service Framework

shared_service_framework

Vendor: Sap • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-42377
1Sap
1Shared Service Framework
Sep 12, 2024
Aug 13, 2024
N/A· v4
4.3 MEDIUM· v3
N/A· v2
SAP shared service framework allows an authenticated non-administrative user to call a remote-enabled function, which will allow them to insert value entries into a non-sensitive table, causing low impact on integrity of...Show more
SAP shared service framework allows an authenticated non-administrative user to call a remote-enabled function, which will allow them to insert value entries into a non-sensitive table, causing low impact on integrity of the applicationShow less
CVE-2024-42376
1Sap
1Shared Service Framework
Sep 12, 2024
Aug 13, 2024
N/A· v4
6.5 MEDIUM· v3
N/A· v2
SAP Shared Service Framework does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. On successful exploitation, an attacker can cause a high impact on confidentia...Show more
SAP Shared Service Framework does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. On successful exploitation, an attacker can cause a high impact on confidentiality of the application.Show less