CVE-2024-44121

medium

Description

Under certain conditions Statutory Reports in SAP S/4 HANA allows an attacker with basic privileges to access information which would otherwise be restricted. The vulnerability could expose internal user data that should remain confidential. It does not impact the integrity and availability of the application

References

https://url.sap/sapsecuritypatchday

https://me.sap.com/notes/3437585

Details

Source: Mitre, NVD

Published: 2024-09-10

Updated: 2024-09-10

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 4.3

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N