PT-2024-29544 · Sap · Sap Bex Analyzer

Published

2024-09-09

Updated

2024-09-10

CVE-2024-41729

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions SAP BEx Analyzer (affected versions not specified)

Description The issue is related to missing authorization checks in SAP BEx Analyzer, allowing an authenticated attacker to access restricted information over the network. This can lead to the enumeration of information, causing a limited impact on the confidentiality of the application.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-359CWE-862

Related Identifiers

BDU:2025-12956

CVE-2024-41729

Affected Products

Sap Bex Analyzer

PT-2024-29544 · Sap · Sap Bex Analyzer

CVE-2024-41729

Weakness Enumeration

Related Identifiers

Affected Products

References · 9