VDB

CVE-2026-24327

CVE-2026-24327 PUBLISHED CVSS 4.300000190734863 MEDIUM

Due to missing authorization check in SAP Strategic Enterprise Management (Balanced Scorecard in Business Server Pages), an authenticated attacker could access information that they are otherwise unauthorized to view. This leads to low impact on confidentiality and no effect on integrity or availability.

EPSS 0.01% · 2.3th percentile

Risk Scores

CVSS 3.1
4.300000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS Score
0.01%
2.3th percentile

Affected Products

VendorProductVersions
sapstrategic_enterprise_management605, 600, 602
SAP_SESAP Strategic Enterprise Management (Balanced Scorecard in BSP Application)SEM-BW 600, 602, 604

Exploit Intelligence

Timeline

  • Feb 10, 2026 CVE Published
  • Feb 10, 2026 EPSS Score
  • Feb 12, 2026 EPSS Score
  • Feb 14, 2026 EPSS Score
  • Feb 15, 2026 CVE Updated
  • Feb 16, 2026 EPSS Score
  • Feb 18, 2026 EPSS Score
  • Feb 20, 2026 EPSS Score
  • Feb 22, 2026 EPSS Score
  • Feb 24, 2026 EPSS Score
  • Feb 26, 2026 EPSS Score
  • Feb 28, 2026 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›