Authorization Check Flaw in SAP Solution Tools Plug-In by SAP
CVE-2026-24313

5MEDIUM

Key Information:

Vendor: SAP
Status: SAP Solution Tools Plug-in (st-pi)
Vendor: CVE Published:; 10 March 2026

What is CVE-2026-24313?

The SAP Solution Tools Plug-In (ST-PI) contains a vulnerability related to insufficient authorization checks for authenticated users. This flaw allows unauthorized disclosure of system information, potentially exposing sensitive configuration details without adequate safeguards in place. Prompt attention to patching and securing SAP environments is recommended to mitigate risks.

Affected Version(s)

SAP Solution Tools Plug-In (ST-PI) ST-PI 2008_1_700

SAP Solution Tools Plug-In (ST-PI) 2008_1_710

SAP Solution Tools Plug-In (ST-PI) 740

References

https://me.sap.com/notes/3707930

https://url.sap/sapsecuritypatchday

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 10, 2026
Vulnerability Reserved
Jan 21, 2026

CVE-2026-24313 Data

JSON