VDB

GCVE-VVD-NCSC-2024-247

GCVE-VVD-NCSC-2024-247
Advisory PublishedCVSS 8.1/10
Vulnetix · Advisory published June 11, 2024
SAP heeft kwetsbaarheden verholpen in diverse SAP producten, zoals Business Objects, HANA, CRM en NetWeaver.
Download JSON Open in Console

Weaknesses (CWE)

CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')CWE-400Uncontrolled Resource ConsumptionCWE-434Unrestricted Upload of File with Dangerous TypeCWE-862Missing AuthorizationCWE-200Exposure of Sensitive Information to an Unauthorized Actor

Risk Scores

CVSS 3.1
8.1/10
High · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Affected Products

VendorProductVersionsPlatforms
sap_sesap_financial_consolidation
sapfinancial_consolidation
sap_sesap_netweaver_as_java
sap_sesap_netweaver_and_abap_platform
sapnetweaver_application_server_abap
sap_sesap_document_builder
sap_sesap_s_4hana__manage_incoming_payment_files_
sap_sesap_crm_webclient_ui
sap_sesap_bw_4hana_transformation_and_data_transfer_process
sap_sesap_student_life_cycle_management
sap_sesap_businessobjects_business_intelligence_platform

Aliases

CVE-2024-34688CVE-2024-34683CVE-2024-37177CVE-2024-34690CVE-2024-34684CVE-2024-33001CVE-2024-37176CVE-2024-28164CVE-2024-34686CVE-2024-34691

Transitive aliases

VVD-CISA-2024-32733NCSC-2024-0228EUVD-2024-30517VVD-CISA-2024-4138CVE-2022-36364EUVD-2024-30518VVD-CISA-2024-33004GHSA-f4xj-jr64-mrrfCVE-2024-33007VVD-CISA-2024-33000GHSA-r32p-mj73-6wq6GHSA-23gf-62w7-q77vEUVD-2024-30746EUVD-2024-30752GHSA-w7f5-jrpr-5c2mGHSA-xqh8-8m3p-c72rGHSA-rpjh-2px8-r4m7GHSA-rwr4-vcmx-mq8wBDU:2024-05100VVD-CISA-2024-32731VVD-CISA-2024-33006VVD-CISA-2024-34688GHSA-2xhx-vgfw-g59cVVD-CISA-2024-37177GHSA-6qmc-84fw-65c9BDU:2024-05097EUVD-2024-36482EUVD-2024-34990GHSA-6jcq-5j67-2qh3EUVD-2024-30745VVD-CISA-2024-34686CVE-2024-33000CVE-2024-32730CVE-2024-4139VVD-CISA-2024-34687VVD-CISA-2024-33007EUVD-2024-30751VVD-CISA-2024-4139VVD-CISA-2024-34690GHSA-5jpr-j92r-8ppmEUVD-2024-25297WID-SEC-W-2024-1327VVD-NCSC-2024-228GHSA-9rp9-4vx9-p834VVD-CISA-2024-33002EUVD-2024-34983CVE-2024-34687CVE-2024-33008GHSA-xmf8-c7vj-6x2rEUVD-2024-25296EUVD-2024-34989CVE-2024-4138GHSA-mx49-v6wc-9vxfVVD-CISA-2024-34691EUVD-2024-34987BDU:2024-05104EUVD-2024-36483EUVD-2024-30753CVE-2024-32733VVD-CISA-2024-33008CGA-5w69-hjc2-pq79CGA-cvxh-5ph4-h33jGHSA-3m6r-3gw2-h96xGHSA-4h5h-v89j-3c37BDU:2024-05090GHSA-x685-hmwx-rrvfCVE-2024-33006GHSA-5rfc-xc58-54q3GHSA-4qcf-w92c-26h6BDU:2024-05099BDU:2024-05079EUVD-2024-34982VVD-CISA-2024-37176GSD-2024-28165GSD-2024-33001EUVD-2024-30754EUVD-2024-32699CVE-2024-33009EUVD-2022-6428GHSA-v435-c8wm-qmjmBDU:2024-05101CVE-2024-28165CVE-2024-33002VVD-CISA-2024-28165GHSA-3wpq-gjx8-r7c8EUVD-2024-30749VVD-CISA-2024-33001VVD-CISA-2024-33009EUVD-2024-30747VVD-CISA-2024-34684BDU:2022-05272EUVD-2024-34986EUVD-2024-34985NCSC-2024-0247GHSA-j445-5264-j568GHSA-prf2-4xjw-553wCVE-2024-32731VVD-CISA-2024-32730VVD-CISA-2024-28164EUVD-2024-30520EUVD-2024-32698VVD-CISA-2024-34683GHSA-fwgg-ghmr-9fqpGSD-2024-28164CVE-2024-33004WID-SEC-W-2024-1107GHSA-qfqw-rh34-r78m

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›