NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2024-41729

Summary	Due to missing authorization checks, SAP BEx Analyzer allows an authenticated attacker to access information over the network which is otherwise restricted. On successful exploitation the attacker can enumerate information causing a limited impact on confidentiality of the application.
Publication Date	Sept. 10, 2024, 12:15 p.m.
Registration Date	Sept. 10, 2024, 4 p.m.
Last Update	Sept. 10, 2024, 12:15 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://me.sap.com/notes/3481588
2	https://url.sap/sapsecuritypatchday

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-862	認証の欠如	https://cwe.mitre.org/data/definitions/862.html
2	CWE-359	認可されていないアクターへの個人情報の漏えい	https://cwe.mitre.org/data/definitions/359.html