CVE-2024-21735

Summary

SAP LT Replication Server - version S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107, S4CORE 108, does not perform necessary authorization checks. This could allow an attacker with high privileges to perform unintended actions, resulting in escalation of privileges, which has High impact on confidentiality, integrity and availability of the system.

Affected Software

VendorProductVersion RangeStatus
SAP_SESAP LT Replication ServerS4CORE 103affected
SAP_SESAP LT Replication ServerS4CORE 104affected
SAP_SESAP LT Replication ServerS4CORE 105affected
SAP_SESAP LT Replication ServerS4CORE 106affected
SAP_SESAP LT Replication ServerS4CORE 107affected
SAP_SESAP LT Replication ServerS4CORE 108affected

Weaknesses

  • CWE-863: CWE-863 Incorrect Authorization

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References