SAP NetWeaver application, due to insufficient input validation, allows an attacker to send a crafted request from a vulnerable web application targeting internal systems behind firewalls that are normally inaccessible to an attacker from the external network, resulting in a Server-Side Request Forgery vulnerability. Thus, having a low impact on confidentiality.
Metrics
Affected Vendors & Products
References
History
Thu, 06 Feb 2025 19:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Sap
Sap netweaver |
|
CPEs | cpe:2.3:a:sap:netweaver:7.5:*:*:*:*:*:*:* | |
Vendors & Products |
Sap
Sap netweaver |
![cve-icon](/static/img/cve-icon.png)
Status: PUBLISHED
Assigner: sap
Published: 2024-04-09T00:52:54.390Z
Updated: 2024-08-21T15:07:15.427Z
Reserved: 2024-02-27T06:26:16.786Z
Link: CVE-2024-27898
![cve-icon](/static/img/cisa-icon.png)
Updated: 2024-08-02T00:41:55.785Z
![cve-icon](/static/img/nvd-icon.png)
Status : Analyzed
Published: 2024-04-09T01:15:48.583
Modified: 2025-02-06T19:01:07.703
Link: CVE-2024-27898
![cve-icon](/static/img/redhat-icon.png)
No data.