PT-2024-3863 · SAP · SAP Cloud Connector

Fabian Hagg +1 · Published 2024-02-12 · Updated 2024-10-16 · CVE-2024-25642

CVSS v3.1: 7.4 (High)

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions

SAP Cloud Connector version 2.0

Description

The issue is related to improper validation of certificates in SAP Cloud Connector, allowing an attacker to impersonate genuine servers and break mutual authentication. This can lead to the interception of requests, potentially allowing the viewing or modification of sensitive information. The vulnerability affects the confidentiality and integrity of protected information, but there is no impact on system availability.

Recommendations

For SAP Cloud Connector version 2.0, update the software to a version that properly validates certificates, ensuring mutual authentication is maintained to prevent impersonation attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Improper Certificate Validation

Related Identifiers

BDU:2024-04264
CVE-2024-25642

Affected Products

SAP Cloud Connector