CVE-2024-37178
CVSS V2 None
CVSS V3 None
Description
SAP Financial Consolidation does not
sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting
(XSS) vulnerability. These endpoints are exposed over the network. The
vulnerability can exploit resources beyond the vulnerable component. On
successful exploitation, an attacker can cause limited impact to
confidentiality of the application.
Overview
- CVE ID
- CVE-2024-37178
- Assigner
- sap
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-06-11T02:00:27.054Z
- Last Modified Date
- 2024-06-11T14:24:19.964Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://me.sap.com/notes/3457592 | |
| https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-37178 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37178 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-26 01:20:16 | Added to TrackCVE |