CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-34692

Due to missing verification of file type or content, SAP Enable Now allows an authenticated attacker to upload arbitrary files. These files include executables which might be downloaded and executed by the user which could host malware. On successful exploitation an attacker can cause limited impact on confidentiality and Integrity of the application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 27.1%

CVSS Severity

CVSS v3 Score 3.3

References

https://me.sap.com/notes/3476340
https://url.sap/sapsecuritypatchday
https://me.sap.com/notes/3476340
https://url.sap/sapsecuritypatchday

Products affected by CVE-2024-34692

Sap » Enable Now » Version: N/A

cpe:2.3:a:sap:enable_now:-
Sap » Enable Now » Version: 10

cpe:2.3:a:sap:enable_now:10
Sap » Enable Now » Version: 1902

cpe:2.3:a:sap:enable_now:1902
Sap » Enable Now » Version: 1908

cpe:2.3:a:sap:enable_now:1908
Sap » Enable Now » Version: 1911

cpe:2.3:a:sap:enable_now:1911
Sap » Enable Now » Version: 2311

cpe:2.3:a:sap:enable_now:2311

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-34692

Products

Pricing

Contact Us