PT-2024-31539 · Sap · Sap Production/Revenue Accounting

Published

2024-09-09

Updated

2024-09-10

CVE-2024-45286

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions SAP Production and Revenue Accounting (affected versions not specified)

Description The issue is due to a lack of proper authorization checks when calling the user function in the obsolete Tobin interface of SAP Production and Revenue Accounting. This allows unauthorized access, which could lead to the disclosure of highly sensitive data. There is no impact on the integrity or availability of the data.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862

Related Identifiers

CVE-2024-45286

Affected Products

Sap Production/Revenue Accounting

PT-2024-31539 · Sap · Sap Production/Revenue Accounting

CVE-2024-45286

Weakness Enumeration

Related Identifiers

Affected Products

References · 8