CVE-2024-45286

Missing Authorization check in SAP Production and Revenue Accounting (Tobin interface)

Description

Due to lack of proper authorization checks when calling user, a function module in obsolete Tobin interface in SAP Production and Revenue Accounting allows unauthorized access that could lead to disclosure of highly sensitive data. There is no impact on integrity or availability.

INFO

Published Date :

2024-09-10T03:56:36.139Z

Last Modified :

2024-09-10T13:26:21.584Z

Source :

sap

AFFECTED PRODUCTS

The following products are affected by CVE-2024-45286 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-45286.

URL	Resource
https://me.sap.com/notes/3488341
https://url.sap/sapsecuritypatchday

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact