Unrated severityNVD Advisory· Published Jun 11, 2024· Updated Aug 2, 2024

Missing Authorization check in SAP Student Life Cycle Management (SLcM)

CVE-2024-34690

Description

SAP Student Life Cycle Management (SLcM) fails to conduct proper authorization checks for authenticated users, leading to the potential escalation of privileges. On successful exploitation it could allow an attacker to access and edit non-sensitive report variants that are typically restricted, causing minimal impact on the confidentiality and integrity of the application.

Affected products

SAP Se/Sap Student Life Cycle Managementv5
Range: IS-PS-CA 617

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

me.sap.com/notes/3457265mitre
support.sap.com/en/my-support/knowledge-base/security-notes-news.htmlmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000