VYPR
Unrated severityNVD Advisory· Published Feb 13, 2024· Updated May 8, 2025

Improper Certificate Validation in SAP Cloud Connector

CVE-2024-25642

Description

Due to improper validation of certificate in SAP Cloud Connector - version 2.0, attacker can impersonate the genuine servers to interact with SCC breaking the mutual authentication. Hence, the attacker can intercept the request to view/modify sensitive information. There is no impact on the availability of the system.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.