SAP NetWeaver application, due to insufficient input validation, allows an attacker to send a crafted request from a vulnerable web application targeting internal systems behind firewalls that are normally inaccessible to an attacker from the external network, resulting in a Server-Side Request Forgery vulnerability. Thus, having a low impact on confidentiality.
History

Thu, 06 Feb 2025 19:30:00 +0000

Type Values Removed Values Added
First Time appeared Sap
Sap netweaver
CPEs cpe:2.3:a:sap:netweaver:7.5:*:*:*:*:*:*:*
Vendors & Products Sap
Sap netweaver

cve-icon MITRE

Status: PUBLISHED

Assigner: sap

Published: 2024-04-09T00:52:54.390Z

Updated: 2024-08-21T15:07:15.427Z

Reserved: 2024-02-27T06:26:16.786Z

Link: CVE-2024-27898

cve-icon Vulnrichment

Updated: 2024-08-02T00:41:55.785Z

cve-icon NVD

Status : Analyzed

Published: 2024-04-09T01:15:48.583

Modified: 2025-02-06T19:01:07.703

Link: CVE-2024-27898

cve-icon Redhat

No data.