Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-24741

SAP Master Data Governance for Material Data - versions 618, 619, 620, 621, 622, 800, 801, 802, 803, 804, does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. This could allow an attacker to read some sensitive information but no impact to integrity and availability.

Published

2024-02-13T04:15:08.340

Last Modified

2024-11-21T08:59:36.183

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.3 (MEDIUM)

Weaknesses

Type: Secondary
CWE-862

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	sap	master_data_governance_for_material_data	618	Yes
Application	sap	master_data_governance_for_material_data	619	Yes
Application	sap	master_data_governance_for_material_data	620	Yes
Application	sap	master_data_governance_for_material_data	621	Yes
Application	sap	master_data_governance_for_material_data	622	Yes
Application	sap	master_data_governance_for_material_data	800	Yes
Application	sap	master_data_governance_for_material_data	801	Yes
Application	sap	master_data_governance_for_material_data	802	Yes
Application	sap	master_data_governance_for_material_data	803	Yes
Application	sap	master_data_governance_for_material_data	804	Yes

References

https://me.sap.com/notes/2897391 Permissions Required ([email protected])
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html Vendor Advisory ([email protected])
https://me.sap.com/notes/2897391 Permissions Required (af854a3a-2127-422b-91ae-364da2661108)
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)