CVE-2024-39600
[CVE-2024-39600] Information Disclosure vulnerability in SAP GUI for Windows
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
09 jul 2024Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Under certain conditions, the memory of SAP GUI
for Windows contains the password used to log on to an SAP system, which might
allow an attacker to get hold of the password and impersonate the affected
user. As a result, it has a high impact on the confidentiality but there is no
impact on the integrity and availability.
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N
Productos afectados
SAP_SE · SAP GUI for Windows¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →