CVE-2024-39593

CWE-200Information Exposure3 documents3 sources
Severity
5.7MEDIUM
EPSS
0.3%
top 50.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SAP SE SAP Landscape ManagementSAP Landscape Management
Timeline
PublishedJul 9

Description

SAP Landscape Management allows an authenticated user to read confidential data disclosed by the REST Provider Definition response. Successful exploitation can cause high impact on confidentiality of the managed entities.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:NExploitability: 1.7 | Impact: 4.7

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-4w6q-8g24-72g9: SAP Landscape Management allows an authenticated user to read confidential data disclosed by the REST Provider Definition response2024-07-09
CVEList
[CVE-2024-39593] Information Disclosure vulnerability in SAP Landscape Management2024-07-09
CVE-2024-39593 (MEDIUM CVSS 5.7) | SAP Landscape Management allows an | cvebase.io