CVE-2024-27901

Name of the Vulnerable Software and Affected Versions SAP Asset Accounting (affected versions not specified)

Description The issue is related to insufficient validation of path information provided by users, which can be exploited by a high-privileged attacker to impact the confidentiality, integrity, and availability of the application. This can be achieved by passing the path information through to the file API's. The exploitation may involve a specially crafted HTML page.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.