CVE-2024-34689
published 2024-07-09CVE-2024-34689: WebFlow Services of SAP Business Workflow allows an authenticated attacker to enumerate accessible HTTP endpoints in the internal network by specially crafting…
medium5CVSS 3.1
AVNACLPRLUINSCCLINAN
WebFlow Services of SAP Business Workflow allows
an authenticated attacker to enumerate accessible HTTP endpoints in the
internal network by specially crafting HTTP requests. On successful
exploitation this can result in information disclosure. It has no impact on
integrity and availability of the application.
Affected
28 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | sap_basis | — | — |
| sap | sap_basis | — | — |
| sap | sap_basis | — | — |
| sap | sap_basis | — | — |
| sap | sap_basis | — | — |
| sap | sap_basis | — | — |
| sap | sap_basis | — | — |
| sap | sap_basis | — | — |
| sap | sap_basis | — | — |
| sap | sap_basis | — | — |
| sap | sap_basis | — | — |
| sap | sap_basis | — | — |
| sap | sap_basis | — | — |
| sap | sap_basis | — | — |
| sap_se | sap_business_workflow | — | — |
| sap_se | sap_business_workflow | — | — |
| sap_se | sap_business_workflow | — | — |
| sap_se | sap_business_workflow | — | — |
| sap_se | sap_business_workflow | — | — |
| sap_se | sap_business_workflow | — | — |
| sap_se | sap_business_workflow | — | — |
| sap_se | sap_business_workflow | — | — |
| sap_se | sap_business_workflow | — | — |
| sap_se | sap_business_workflow | — | — |
| sap_se | sap_business_workflow | — | — |