PT-2024-4593 · Sap · Sap Student Life Cycle Management
Published
2024-05-07
·
Updated
2024-08-09
·
CVE-2024-34690
CVSS v2.0
5.5
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions:
SAP Student Life Cycle Management (SLcM) (affected versions not specified)
Description:
The issue is related to insufficient authorization checks in the SAP Student Life Cycle Management (SLcM) system, which can lead to the escalation of privileges. An attacker, acting remotely, can exploit this to access and edit non-sensitive report variants that are typically restricted, resulting in minimal impact on the confidentiality and integrity of the application.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sap Student Life Cycle Management