Vulnerability Details CVE-2024-27898
SAP NetWeaver application, due to insufficient input validation, allows an attacker to send a crafted request from a vulnerable web application targeting internal systems behind firewalls that are normally inaccessible to an attacker from the external network, resulting in a Server-Side Request Forgery vulnerability. Thus, having a low impact on confidentiality.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.0%
CVSS Severity
CVSS v3 Score 5.3
References