CVE-2024-39598
published 2024-07-09CVE-2024-39598: SAP CRM (WebClient UI Framework) allows an authenticated attacker to enumerate accessible HTTP endpoints in the internal network by specially crafting HTTP…
high7.7CVSS 3.1
AVNACLPRLUINSCCHINAN
SAP CRM (WebClient UI Framework) allows an
authenticated attacker to enumerate accessible HTTP endpoints in the internal
network by specially crafting HTTP requests. On successful exploitation this
can result in information disclosure. It has no impact on integrity and
availability of the application.
Affected
28 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | customer_relationship_management_s4fnd | — | — |
| sap | customer_relationship_management_s4fnd | — | — |
| sap | customer_relationship_management_s4fnd | — | — |
| sap | customer_relationship_management_s4fnd | — | — |
| sap | customer_relationship_management_s4fnd | — | — |
| sap | customer_relationship_management_s4fnd | — | — |
| sap | customer_relationship_management_s4fnd | — | — |
| sap | customer_relationship_management_webclient_ui | — | — |
| sap | customer_relationship_management_webclient_ui | — | — |
| sap | customer_relationship_management_webclient_ui | — | — |
| sap | customer_relationship_management_webclient_ui | — | — |
| sap | customer_relationship_management_webclient_ui | — | — |
| sap | customer_relationship_management_webclient_ui | — | — |
| sap | customer_relationship_management_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |