← voltar
CVE-2026-24311

Insecure Storage Protection vulnerability in SAP Customer Checkout 2.0

CVSS 5.6 MEDIUMEPSS 0.1%CWE-312
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 5.6EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
10 mar 2026Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
The SAP Customer Checkout application exhibits certain design characteristics that involve locally storing operational data using reversible protection mechanisms. Access to this data, combined with user?initiated interaction, may allow modifications to occur without validation. Such changes could affect system behaviour during startup, resulting in a high impact on the application's confidentiality and integrity, with a low impact on availability.
CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L
Produtos afetados
SAP_SE · SAP Customer Checkout 2.0

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://me.sap.com/notes/3708457https://url.sap/sapsecuritypatchday