CVE-2024-33000

Summary

SAP Bank Account Management does not perform necessary authorization check for an authorized user, resulting in escalation of privileges. As a result, it has a low impact to confidentiality to the system.

Affected Software

VendorProductVersion RangeStatus
SAP_SESAP Bank Account Management100affected
SAP_SESAP Bank Account Management101affected
SAP_SESAP Bank Account Management102affected
SAP_SESAP Bank Account Management103affected
SAP_SESAP Bank Account Management104affected
SAP_SESAP Bank Account Management105affected
SAP_SESAP Bank Account Management106affected
SAP_SESAP Bank Account Management107affected
SAP_SESAP Bank Account Management108affected

Weaknesses

  • CWE-862: CWE-862: Missing Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References