CVE-2024-21735

Improper Authorization check in SAP LT Replication Server

CVSS 7.3 HIGHEPSS 0.4%CWE-863

Vexday Risk Score

21Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 7.3EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

09 jan 2024Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

SAP LT Replication Server - version S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107, S4CORE 108, does not perform necessary authorization checks. This could allow an attacker with high privileges to perform unintended actions, resulting in escalation of privileges, which has High impact on confidentiality, integrity and availability of the system.

CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H

Produtos afetados

SAP_SE · SAP LT Replication Server

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://me.sap.com/notes/3407617 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html