Vulnerability Details CVE-2024-41734
Due to missing authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform, an authenticated attacker could call an underlying transaction, which leads to disclosure of user related information. There is no impact on integrity or availability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.1%
CVSS Severity
CVSS v3 Score 4.3
Products affected by CVE-2024-41734
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_700
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_701
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_702
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_731
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_740
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_750
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_751
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_752
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_753
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_754
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_755
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_756
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_757
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_758
-
cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_912