An attacker who gains local membership to sapsys group could replace local files usually protected by privileged access. On successful exploitation the attacker could cause high impact on confidentiality and integrity of the application.
History

Thu, 14 Nov 2024 15:45:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-noinfo

Tue, 12 Nov 2024 02:15:00 +0000

Type Values Removed Values Added
First Time appeared Sap
Sap host Agent
CPEs cpe:2.3:a:sap:host_agent:7.22:*:*:*:*:*:*:*
Vendors & Products Sap
Sap host Agent
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 12 Nov 2024 00:45:00 +0000

Type Values Removed Values Added
Description An attacker who gains local membership to sapsys group could replace local files usually protected by privileged access. On successful exploitation the attacker could cause high impact on confidentiality and integrity of the application.
Title Local Privilege Escalation in SAP Host Agent
Weaknesses CWE-266
References
Metrics cvssV3_1

{'score': 6.3, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: sap

Published: 2024-11-12T00:27:23.692Z

Updated: 2024-11-12T01:36:12.627Z

Reserved: 2024-09-27T20:05:59.022Z

Link: CVE-2024-47595

cve-icon Vulnrichment

Updated: 2024-11-12T01:36:08.338Z

cve-icon NVD

Status : Analyzed

Published: 2024-11-12T01:15:05.677

Modified: 2024-11-14T15:21:32.080

Link: CVE-2024-47595

cve-icon Redhat

No data.