Due to improper validation of certificate in SAP Cloud Connector - version 2.0, attacker can impersonate the genuine servers to interact with SCC breaking the mutual authentication. Hence, the attacker can intercept the request to view/modify sensitive information. There is no impact on the availability of the system.
History

Thu, 13 Feb 2025 17:45:00 +0000

Type Values Removed Values Added
Description Due to improper validation of certificate in SAP Cloud Connector - version 2.0, attacker can impersonate the genuine servers to interact with SCC breaking the mutual authentication. Hence, the attacker can intercept the request to view/modify sensitive information. There is no impact on the availability of the system. Due to improper validation of certificate in SAP Cloud Connector - version 2.0, attacker can impersonate the genuine servers to interact with SCC breaking the mutual authentication. Hence, the attacker can intercept the request to view/modify sensitive information. There is no impact on the availability of the system.

Wed, 16 Oct 2024 21:45:00 +0000

Type Values Removed Values Added
First Time appeared Sap
Sap cloud Connector
CPEs cpe:2.3:a:sap:cloud_connector:2.0:*:*:*:*:*:*:*
Vendors & Products Sap
Sap cloud Connector

cve-icon MITRE

Status: PUBLISHED

Assigner: sap

Published: 2024-02-13T02:44:20.284Z

Updated: 2025-02-13T17:40:53.057Z

Reserved: 2024-02-09T04:10:20.036Z

Link: CVE-2024-25642

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2024-02-13T03:15:09.613

Modified: 2025-02-13T18:17:14.807

Link: CVE-2024-25642

cve-icon Redhat

No data.