CVE-2026-24311
Insecure Storage Protection vulnerability in SAP Customer Checkout 2.0
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5.6EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
10 mar 2026Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
The SAP Customer Checkout application exhibits certain design characteristics that involve locally storing operational data using reversible protection mechanisms. Access to this data, combined with user?initiated interaction, may allow modifications to occur without validation. Such changes could affect system behaviour during startup, resulting in a high impact on the application's confidentiality and integrity, with a low impact on availability.
CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L
Productos afectados
SAP_SE · SAP Customer Checkout 2.0¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →