CVE-2024-42380
CVSS V2 None
CVSS V3 None
Description
The RFC enabled function module allows a low privileged user to read any user's workplace favourites and user menu along with all the specific data of each node. Usernames can be enumerated by exploiting vulnerability. There is low impact on confidentiality of the application.
Overview
- CVE ID
- CVE-2024-42380
- Assigner
- sap
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-09-10T02:47:52.783Z
- Last Modified Date
- 2024-09-10T02:47:52.783Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://me.sap.com/notes/3488039 | |
| https://url.sap/sapsecuritypatchday |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-42380 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42380 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-09-10 13:11:49 | Added to TrackCVE |