SAP Landscape Management Data Disclosure Vulnerability

CVE-2024-39593

5.7MEDIUM

Key Information

Vendor: SAP
Status: SAP Landscape Management
Vendor: CVE Published:; 9 July 2024

Summary

SAP Landscape Management allows an authenticated user to read confidential data disclosed by the REST Provider Definition response. Successful exploitation can cause high impact on confidentiality of the managed entities.

Affected Version(s)

SAP Landscape Management = VCM 3.00

CVSS V3.1

Score:

5.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published.
Jul 9, 2024
Vulnerability Reserved.
Jun 26, 2024

Collectors

NVD DatabaseMitre Database