In SAP ABA (Application Basis) - versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75I, an attacker authenticated as a user with a remote execution authorization can use a vulnerable interface. This allows the attacker to use the interface to invoke an application function to perform actions which they would not normally be permitted to perform.  Depending on the function executed, the attack can read or modify any user/business data and can make the entire system unavailable.
History

Wed, 16 Oct 2024 21:45:00 +0000

Type Values Removed Values Added
First Time appeared Sap
Sap abap Platform
CPEs cpe:2.3:a:sap:abap_platform:700:*:*:*:*:*:*:*
cpe:2.3:a:sap:abap_platform:701:*:*:*:*:*:*:*
cpe:2.3:a:sap:abap_platform:702:*:*:*:*:*:*:*
cpe:2.3:a:sap:abap_platform:731:*:*:*:*:*:*:*
cpe:2.3:a:sap:abap_platform:740:*:*:*:*:*:*:*
cpe:2.3:a:sap:abap_platform:750:*:*:*:*:*:*:*
cpe:2.3:a:sap:abap_platform:751:*:*:*:*:*:*:*
cpe:2.3:a:sap:abap_platform:752:*:*:*:*:*:*:*
cpe:2.3:a:sap:abap_platform:75c:*:*:*:*:*:*:*
cpe:2.3:a:sap:abap_platform:75i:*:*:*:*:*:*:*
Vendors & Products Sap
Sap abap Platform

cve-icon MITRE

Status: PUBLISHED

Assigner: sap

Published: 2024-02-13T02:30:51.886Z

Updated: 2024-08-01T22:35:34.897Z

Reserved: 2024-01-05T10:21:35.256Z

Link: CVE-2024-22131

cve-icon Vulnrichment

Updated: 2024-08-01T22:35:34.897Z

cve-icon NVD

Status : Modified

Published: 2024-02-13T03:15:08.363

Modified: 2024-11-21T08:55:38.760

Link: CVE-2024-22131

cve-icon Redhat

No data.