CVE-2026-24310
Missing Authorization check in SAP NetWeaver Application Server for ABAP
Vexday Risk Score
8Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 3.5EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
10 mar 2026Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute specific ABAP function module and read the sensitive information from database catalog of the ABAP system. This vulnerability has low impact on the application's confidentiality with no effect on the integrity and availability.
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N
Productos afectados
SAP_SE · SAP NetWeaver Application Server for ABAP¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →