Vulnerability Details CVE-2024-41734
Due to missing authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform, an authenticated attacker could call an underlying transaction, which leads to disclosure of user related information. There is no impact on integrity or availability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.2%
CVSS Severity
CVSS v3 Score 4.3
Products affected by CVE-2024-41734
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_700
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_701
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_702
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_731
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_740
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_750
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_751
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_752
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_753
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_754
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_755
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_756
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_757
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_758
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_912