CVE-2024-33000

EUVD-2024-30745
SAP Bank Account Management does not perform necessary authorization check for an authorized user, resulting in escalation of privileges. As a result, it has a low impact to confidentiality to the system.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.5 LOW
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 18%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
sapbank_account_management
100 ≤
𝑥
≤ 108
ADP
Common Weakness Enumeration
References
https://me.sap.com/notes/3392049
https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html
https://me.sap.com/notes/3392049
https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html