VDB
GCVE-110-NCSC-2024-247
GCVE-110-NCSC-2024-247
Advisory PublishedCVSS 8.1/10
SAP heeft kwetsbaarheden verholpen in diverse SAP producten, zoals Business Objects, HANA, CRM en NetWeaver.
Weaknesses (CWE)
CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')CWE-400Uncontrolled Resource ConsumptionCWE-434Unrestricted Upload of File with Dangerous TypeCWE-862Missing AuthorizationCWE-200Exposure of Sensitive Information to an Unauthorized Actor
Risk Scores
CVSS 3.1
8.1/10
High · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| sap_se | sap_crm_webclient_ui | — | — |
| sap_se | sap_businessobjects_business_intelligence_platform | — | — |
| sap_se | sap_bw_4hana_transformation_and_data_transfer_process | — | — |
| sap_se | sap_netweaver_and_abap_platform | — | — |
| sap_se | sap_netweaver_as_java | — | — |
| sap_se | sap_financial_consolidation | — | — |
| sap_se | sap_document_builder | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | financial_consolidation | — | — |
| sap_se | sap_s_4hana__manage_incoming_payment_files_ | — | — |
| sap_se | sap_student_life_cycle_management | — | — |
Browse GCVE Records
73,834 records in the GCVE database · Updated July 19, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.