Vulnerability Details CVE-2024-42373
SAP Student Life Cycle Management (SLcM) fails to conduct proper authorization checks for authenticated users, leading to the potential escalation of privileges. On successful exploitation it could allow an attacker to delete non-sensitive report variants that are typically restricted, causing minimal impact on the integrity of the application.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.2%
CVSS Severity
CVSS v3 Score 4.3
Products affected by CVE-2024-42373
-
cpe:2.3:a:sap:student_life_cycle_management:617
-
cpe:2.3:a:sap:student_life_cycle_management:618
-
cpe:2.3:a:sap:student_life_cycle_management:802
-
cpe:2.3:a:sap:student_life_cycle_management:803
-
cpe:2.3:a:sap:student_life_cycle_management:804
-
cpe:2.3:a:sap:student_life_cycle_management:805
-
cpe:2.3:a:sap:student_life_cycle_management:806
-
cpe:2.3:a:sap:student_life_cycle_management:807
-
cpe:2.3:a:sap:student_life_cycle_management:808