Security Vulnerability in Self-Registration and Profile Modification in NetWeaver AS Java

CVE-2024-27899
Currently unrated 🤨

Key Information

Vendor
SAP
Vendor
CVE Published:
9 April 2024

Badges

📰 News Worthy

Summary

Self-Registration and Modify your own profile in User Admin Application of NetWeaver AS Java does not enforce proper security requirements for the content of the newly defined security answer. This can be leveraged by an attacker to cause profound impact on confidentiality and low impact on both integrity and availability.

News Articles

favicon imageprophaze.com

CVE-2024-27899 : SAP NETWEAVER AS JAVA USER MANAGEMENT ENGINE 7.50 USER ADMIN APPLICATION PASSWORD RECOVERY - Cloud WAF

CVE-2024-27899 : Self-Registration and Modify your own profile in User Admin Application of NetWeaver AS Java does not enforce proper security requirements for the content of the newly defined security answer.

7 months ago

Timeline

  • First article discovered by prophaze.com

  • Vulnerability published.

Collectors

NVD Database1 News Article(s)
.