Vulnerability Details CVE-2024-21736
SAP S/4HANA Finance for (Advanced Payment Management) - versions SAPSCORE 128, S4CORE 107, does not perform necessary authorization checks. A function import could be triggered allowing the attacker to create in-house bank accounts leading to low impact on the confidentiality of the application.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 19.1%
CVSS Severity
CVSS v3 Score 6.4
References
Products affected by CVE-2024-21736
-
cpe:2.3:a:sap:s/4hana_finance:107
-
cpe:2.3:a:sap:s/4hana_finance:128