CVE-2024-34692 - Vulnerability Details - OpenCVE

Due to missing verification of file type or
content, SAP Enable Now allows an authenticated attacker to upload arbitrary
files. These files include executables which might be downloaded and executed
by the user which could host malware. On successful exploitation an attacker
can cause limited impact on confidentiality and Integrity of the application.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00286.

Key SSVC decision points have not yet been added.

Vendors	Products
Sap	Enable Now

Configuration 1 [-]

cpe:2.3:a:sap:enable_now:*:*:*:*:*:*:*:*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2024-34991	Due to missing verification of file type or content, SAP Enable Now allows an authenticated attacker to upload arbitrary files. These files include executables which might be downloaded and executed by the user which could host malware. On successful exploitation an attacker can cause limited impact on confidentiality and Integrity of the application.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://me.sap.com/notes/3476340
https://url.sap/sapsecuritypatchday

History

Mon, 09 Sep 2024 16:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Sap Sap enable Now
CPEs		cpe:2.3:a:sap:enable_now::::::::
Vendors & Products		Sap Sap enable Now

MITRE

Status: PUBLISHED

Assigner: sap

Published: 2024-07-09T04:43:05.361Z

Updated: 2024-08-02T02:59:22.200Z

Reserved: 2024-05-07T05:46:11.658Z

Link: CVE-2024-34692

Vulnrichment

Updated: 2024-08-02T02:59:22.200Z

NVD

Status : Modified

Published: 2024-07-09T05:15:11.183

Modified: 2024-11-21T09:19:12.490

Link: CVE-2024-34692

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-34692", "assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "state": "PUBLISHED", "assignerShortName": "sap", "dateReserved": "2024-05-07T05:46:11.658Z", "datePublished": "2024-07-09T04:43:05.361Z", "dateUpdated": "2024-08-02T02:59:22.200Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "SAP Enable Now", "vendor": "SAP_SE", "versions": [{"status": "affected", "version": "WPB_MANAGER_CE 10"}, {"status": "affected", "version": "WPB_MANAGER_HANA 10"}, {"status": "affected", "version": "ENABLE_NOW_CONSUMP_DEL 1704"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Due to missing verification of file type or\ncontent, SAP Enable Now allows an authenticated attacker to upload arbitrary\nfiles. These files include executables which might be downloaded and executed\nby the user which could host malware. On successful exploitation an attacker\ncan cause limited impact on confidentiality and Integrity of the application.\n\n\n\n"}], "value": "Due to missing verification of file type or\ncontent, SAP Enable Now allows an authenticated attacker to upload arbitrary\nfiles. These files include executables which might be downloaded and executed\nby the user which could host malware. On successful exploitation an attacker\ncan cause limited impact on confidentiality and Integrity of the application."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-434", "description": "CWE-434: Unrestricted Upload of File with Dangerous Type", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "shortName": "sap", "dateUpdated": "2024-07-09T04:43:05.361Z"}, "references": [{"url": "https://url.sap/sapsecuritypatchday"}, {"url": "https://me.sap.com/notes/3476340"}], "source": {"discovery": "UNKNOWN"}, "title": "[CVE-2024-34692] Unrestricted File upload vulnerability in SAP Enable Now", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-23T14:41:17.467941Z", "id": "CVE-2024-34692", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-23T14:41:29.721Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T02:59:22.200Z"}, "title": "CVE Program Container", "references": [{"url": "https://url.sap/sapsecuritypatchday", "tags": ["x_transferred"]}, {"url": "https://me.sap.com/notes/3476340", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://url.sap/sapsecuritypatchday", "tags": ["x_transferred"]}, {"url": "https://me.sap.com/notes/3476340", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T02:59:22.200Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-34692", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-23T14:41:17.467941Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-23T14:41:25.151Z"}}], "cna": {"title": "[CVE-2024-34692] Unrestricted File upload vulnerability in SAP Enable Now", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "SAP_SE", "product": "SAP Enable Now", "versions": [{"status": "affected", "version": "WPB_MANAGER_CE 10"}, {"status": "affected", "version": "WPB_MANAGER_HANA 10"}, {"status": "affected", "version": "ENABLE_NOW_CONSUMP_DEL 1704"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://url.sap/sapsecuritypatchday"}, {"url": "https://me.sap.com/notes/3476340"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Due to missing verification of file type or\ncontent, SAP Enable Now allows an authenticated attacker to upload arbitrary\nfiles. These files include executables which might be downloaded and executed\nby the user which could host malware. On successful exploitation an attacker\ncan cause limited impact on confidentiality and Integrity of the application.", "supportingMedia": [{"type": "text/html", "value": "Due to missing verification of file type or\ncontent, SAP Enable Now allows an authenticated attacker to upload arbitrary\nfiles. These files include executables which might be downloaded and executed\nby the user which could host malware. On successful exploitation an attacker\ncan cause limited impact on confidentiality and Integrity of the application.\n\n\n\n", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-434", "description": "CWE-434: Unrestricted Upload of File with Dangerous Type"}]}], "providerMetadata": {"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "shortName": "sap", "dateUpdated": "2024-07-09T04:43:05.361Z"}}}, "cveMetadata": {"cveId": "CVE-2024-34692", "state": "PUBLISHED", "dateUpdated": "2024-08-02T02:59:22.200Z", "dateReserved": "2024-05-07T05:46:11.658Z", "assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "datePublished": "2024-07-09T04:43:05.361Z", "assignerShortName": "sap"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sap:enable_now:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1C2C770-82FA-45DE-9EEA-E377501B05A9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Due to missing verification of file type or\ncontent, SAP Enable Now allows an authenticated attacker to upload arbitrary\nfiles. These files include executables which might be downloaded and executed\nby the user which could host malware. On successful exploitation an attacker\ncan cause limited impact on confidentiality and Integrity of the application."}, {"lang": "es", "value": "Debido a la falta de verificaci\u00f3n del tipo o contenido del archivo, SAP Enable Now permite que un atacante autenticado cargue archivos arbitrarios. Estos archivos incluyen archivos ejecutables que el usuario puede descargar y ejecutar y que podr\u00edan alojar malware. Si un atacante la explota con \u00e9xito, puede causar un impacto limitado en la confidencialidad y la integridad de la aplicaci\u00f3n."}], "id": "CVE-2024-34692", "lastModified": "2024-11-21T09:19:12.490", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 2.5, "source": "cna@sap.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-09T05:15:11.183", "references": [{"source": "cna@sap.com", "tags": ["Permissions Required"], "url": "https://me.sap.com/notes/3476340"}, {"source": "cna@sap.com", "tags": ["Vendor Advisory"], "url": "https://url.sap/sapsecuritypatchday"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required"], "url": "https://me.sap.com/notes/3476340"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://url.sap/sapsecuritypatchday"}], "sourceIdentifier": "cna@sap.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "cna@sap.com", "type": "Secondary"}]}