Unrated severityNVD Advisory· Published Feb 13, 2024· Updated May 8, 2025
Improper Certificate Validation in SAP Cloud Connector
CVE-2024-25642
Description
Due to improper validation of certificate in SAP Cloud Connector - version 2.0, attacker can impersonate the genuine servers to interact with SCC breaking the mutual authentication. Hence, the attacker can intercept the request to view/modify sensitive information. There is no impact on the availability of the system.
Affected products
2=2.0+ 1 more
- (no CPE)range: =2.0
- (no CPE)range: 2.0
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.