Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-34686

Due to insufficient input validation, SAP CRM WebClient UI allows an unauthenticated attacker to craft a URL link which embeds a malicious script. When a victim clicks on this link, the script will be executed in the victim's browser giving the attacker the ability to access and/or modify information with no effect on availability of the application.

Published

2024-06-11T03:15:11.080

Last Modified

2024-11-21T09:19:11.657

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.1 (MEDIUM)

Weaknesses
  • Type: Primary
    CWE-79
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application sap customer_relationship_management_webclient_ui 103 Yes
Application sap customer_relationship_management_webclient_ui 104 Yes
Application sap customer_relationship_management_webclient_ui 105 Yes
Application sap customer_relationship_management_webclient_ui 106 Yes
Application sap customer_relationship_management_webclient_ui 107 Yes
Application sap customer_relationship_management_webclient_ui 701 Yes
Application sap customer_relationship_management_webclient_ui 730 Yes
Application sap customer_relationship_management_webclient_ui 731 Yes
Application sap customer_relationship_management_webclient_ui 746 Yes
Application sap customer_relationship_management_webclient_ui 747 Yes
Application sap customer_relationship_management_webclient_ui 748 Yes
Application sap customer_relationship_management_webclient_ui 800 Yes
Application sap customer_relationship_management_webclient_ui 801 Yes
Application sap customer_relationship_management_webclient_ui s4fnd_102 Yes
Application sap customer_relationship_management_webclient_ui webcuif_700 Yes
References