VYPR
Unrated severityNVD Advisory· Published Apr 9, 2024· Updated Aug 21, 2024

Server-Side Request Forgery in SAP NetWeaver

CVE-2024-27898

Description

SAP NetWeaver application, due to insufficient input validation, allows an attacker to send a crafted request from a vulnerable web application targeting internal systems behind firewalls that are normally inaccessible to an attacker from the external network, resulting in a Server-Side Request Forgery vulnerability. Thus, having a low impact on confidentiality.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • SAP/Netweaverllm-fuzzy2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: 7.50

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.