Attacker can manipulate victim's documents through SAP Document Builder service
CVE-2024-34683
6.5MEDIUM
What is CVE-2024-34683?
An authenticated attacker can upload malicious file to SAP Document Builder service. When the victim accesses this file, the attacker is allowed to access, modify, or make the related information unavailable in the victim’s browser.
Affected Version(s)
SAP Document Builder S4CORE 100
SAP Document Builder 101
SAP Document Builder S4FND 102