CVE-2024-24739

Summary

SAP Bank Account Management (BAM) allows an authenticated user with restricted access to use functions which can result in escalation of privileges with low impact on confidentiality, integrity and availability of the application.

Affected Software

VendorProductVersion RangeStatus
SAP_SESAP BAM (Bank Account Management)SAP_FIN 618affected
SAP_SESAP BAM (Bank Account Management)SAP_FIN 730affected
SAP_SESAP BAM (Bank Account Management)S4CORE 100affected
SAP_SESAP BAM (Bank Account Management)101affected

Weaknesses

  • CWE-862: CWE-862: Missing Authorization

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References