Unrated severityNVD Advisory· Published Feb 13, 2024· Updated Nov 7, 2024
XXE vulnerability in SAP NetWeaver AS Java (Guided Procedures)
CVE-2024-24743
Description
SAP NetWeaver AS Java (CAF - Guided Procedures) - version 7.50, allows an unauthenticated attacker to submit a malicious request with a crafted XML file over the network, which when parsed will enable him to access sensitive files and data but not modify them. There are expansion limits in place so that availability is not affected.
Affected products
2= 7.50+ 1 more
- (no CPE)range: = 7.50
- (no CPE)range: 7.50
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.