GHSA-fmx8-77jm-47rf

GHSA-fmx8-77jm-47rf PUBLISHED CVSS 5 MEDIUM

SAP Solution Tools Plug-In (ST-PI) contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability.

Risk Scores

CVSS v3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

Timeline

Mar 10, 2026 CVE Published
Mar 10, 2026 CVE Updated
Apr 10, 2026 Security Advisory

References

https://nvd.nist.gov/vuln/detail/CVE-2026-24313 advisory
https://me.sap.com/notes/3707930 url
https://url.sap/sapsecuritypatchday url

Open in Interactive Console →