CVE-2026-24309

Name of the Vulnerable Software and Affected Versions SAP NetWeaver Application Server for ABAP (affected versions not specified)

Description A missing authorization check in SAP NetWeaver Application Server for ABAP allows an authenticated attacker to execute a specific ABAP function module. This could enable the attacker to read, modify, or insert entries into the database configuration table of the ABAP system. Unauthorized content changes may lead to reduced system performance or interruptions. The issue has a low impact on the application’s integrity and availability, with no effect on confidentiality. The vulnerable component is an ABAP function module.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.