Due to improper validation of certificate in SAP Cloud Connector - version 2.0, attacker can impersonate the genuine servers to interact with SCC breaking the mutual authentication. Hence, the attacker can intercept the request to view/modify sensitive information. There is no impact on the availability of the system.
Metrics
Affected Vendors & Products
References
History
Thu, 13 Feb 2025 17:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Due to improper validation of certificate in SAP Cloud Connector - version 2.0, attacker can impersonate the genuine servers to interact with SCC breaking the mutual authentication. Hence, the attacker can intercept the request to view/modify sensitive information. There is no impact on the availability of the system. | Due to improper validation of certificate in SAP Cloud Connector - version 2.0, attacker can impersonate the genuine servers to interact with SCC breaking the mutual authentication. Hence, the attacker can intercept the request to view/modify sensitive information. There is no impact on the availability of the system. |
Wed, 16 Oct 2024 21:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Sap
Sap cloud Connector |
|
CPEs | cpe:2.3:a:sap:cloud_connector:2.0:*:*:*:*:*:*:* | |
Vendors & Products |
Sap
Sap cloud Connector |
![cve-icon](/static/img/cve-icon.png)
Status: PUBLISHED
Assigner: sap
Published: 2024-02-13T02:44:20.284Z
Updated: 2025-02-13T17:40:53.057Z
Reserved: 2024-02-09T04:10:20.036Z
Link: CVE-2024-25642
![cve-icon](/static/img/cisa-icon.png)
No data.
![cve-icon](/static/img/nvd-icon.png)
Status : Modified
Published: 2024-02-13T03:15:09.613
Modified: 2025-02-13T18:17:14.807
Link: CVE-2024-25642
![cve-icon](/static/img/redhat-icon.png)
No data.