CVE-2024-39592

Elements of PDCE does not perform necessary
authorization checks for an authenticated user, resulting in escalation of
privileges.



This
allows an attacker to read sensitive information causing high impact on the
confidentiality of the application.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.7 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
sapCNA
7.7 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
CISA-ADPADP
---
---
CVEADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
Common Weakness Enumeration
References
https://me.sap.com/notes/3483344
https://url.sap/sapsecuritypatchday
https://me.sap.com/notes/3483344
https://url.sap/sapsecuritypatchday