CVE-2024-42372

Summary

Due to missing authorization check in SAP NetWeaver AS Java (System Landscape Directory) an unauthorized user can read and modify some restricted global SLD configurations causing low impact on confidentiality and integrity of the application.

Affected Software

VendorProductVersion RangeStatus
SAP_SESAP NetWeaver AS Java (System Landscape Directory)LM-SLD 7.5affected

Weaknesses

  • CWE-862: CWE-862: Missing Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References