CVE-2024-54197

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Administrator (affected versions not specified)

Description: The issue allows an authenticated attacker to enumerate accessible HTTP endpoints in the internal network by specially crafting HTTP requests, potentially resulting in Server-Side Request Forgery (SSRF). This could have a low impact on the integrity and confidentiality of data, with no impact on the availability of the application. The vulnerability is related to insufficient server-side request checking.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.