Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-45282

Fields which are in 'read only' state in Bank Statement Draft in Manage Bank Statements application, could be modified by MERGE method. The property of an OData entity representing assumably immutable method is not protected against external modifications leading to integrity violations. Confidentiality and Availability are not impacted.

Published

2024-10-08T04:15:08.633

Last Modified

2024-11-14T17:56:17.007

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 4.3 (MEDIUM)

Weaknesses

Type: Primary
CWE-650

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	sap	s\/4_hana	102	Yes
Application	sap	s\/4_hana	103	Yes
Application	sap	s\/4_hana	104	Yes
Application	sap	s\/4_hana	105	Yes
Application	sap	s\/4_hana	106	Yes
Application	sap	s\/4_hana	107	Yes

References

https://me.sap.com/notes/3251893 Permissions Required ([email protected])
https://url.sap/sapsecuritypatchday Vendor Advisory ([email protected])