Bank Account Management
by SAP
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-33000 | Low | 0.23 | 3.5 | 0.00 | May 14, 2024 | SAP Bank Account Management does not perform necessary authorization check for an authorized user, resulting in escalation of privileges. As a result, it has a low impact to confidentiality to the system. | ||
| CVE-2024-24739 | 0.00 | — | 0.00 | Feb 13, 2024 | SAP Bank Account Management (BAM) allows an authenticated user with restricted access to use functions which can result in escalation of privileges with low impact on confidentiality, integrity and availability of the application. | |||
| CVE-2023-0023 | 0.00 | — | 0.01 | Jan 10, 2023 | In SAP Bank Account Management (Manage Banks) application, when a user clicks a smart link to navigate to another app, personal data is shown directly in the URL. They might get captured in log files, bookmarks, and so on disclosing sensitive data of the application. |
- risk 0.23cvss 3.5epss 0.00
SAP Bank Account Management does not perform necessary authorization check for an authorized user, resulting in escalation of privileges. As a result, it has a low impact to confidentiality to the system.
- CVE-2024-24739Feb 13, 2024risk 0.00cvss —epss 0.00
SAP Bank Account Management (BAM) allows an authenticated user with restricted access to use functions which can result in escalation of privileges with low impact on confidentiality, integrity and availability of the application.
- CVE-2023-0023Jan 10, 2023risk 0.00cvss —epss 0.01
In SAP Bank Account Management (Manage Banks) application, when a user clicks a smart link to navigate to another app, personal data is shown directly in the URL. They might get captured in log files, bookmarks, and so on disclosing sensitive data of the application.