CVE-2024-21738
Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver ABAP Application Server and ABAP Platform
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
SAP NetWeaver ABAP Application Server and ABAP Platform do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. An attacker with low privileges can cause limited impact to confidentiality of the application data after successful exploitation.
SAP NetWeaver ABAP Application Server y ABAP Platform no codifican suficientemente las entradas controladas por el usuario, lo que genera una vulnerabilidad de Cross-Site Scripting (XSS). Un atacante con pocos privilegios puede causar un impacto limitado en la confidencialidad de los datos de la aplicación después de una explotación exitosa.
SAP NetWeaver ABAP Application Server and ABAP Platform do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. An attacker with low privileges can cause limited impact to confidentiality of the application data after successful exploitation.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2024-01-01 CVE Reserved
- 2024-01-09 CVE Published
- 2024-08-01 CVE Updated
- 2025-01-15 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | 2024-01-11 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Sap Search vendor "Sap" | Netweaver Application Server Abap Search vendor "Sap" for product "Netweaver Application Server Abap" | 79 Search vendor "Sap" for product "Netweaver Application Server Abap" and version "79" | sap_basis |
Affected
| ||||||
Sap Search vendor "Sap" | Netweaver Application Server Abap Search vendor "Sap" for product "Netweaver Application Server Abap" | 700 Search vendor "Sap" for product "Netweaver Application Server Abap" and version "700" | sap_basis |
Affected
| ||||||
Sap Search vendor "Sap" | Netweaver Application Server Abap Search vendor "Sap" for product "Netweaver Application Server Abap" | 701 Search vendor "Sap" for product "Netweaver Application Server Abap" and version "701" | sap_basis |
Affected
| ||||||
Sap Search vendor "Sap" | Netweaver Application Server Abap Search vendor "Sap" for product "Netweaver Application Server Abap" | 702 Search vendor "Sap" for product "Netweaver Application Server Abap" and version "702" | sap_basis |
Affected
| ||||||
Sap Search vendor "Sap" | Netweaver Application Server Abap Search vendor "Sap" for product "Netweaver Application Server Abap" | 731 Search vendor "Sap" for product "Netweaver Application Server Abap" and version "731" | sap_basis |
Affected
| ||||||
Sap Search vendor "Sap" | Netweaver Application Server Abap Search vendor "Sap" for product "Netweaver Application Server Abap" | 740 Search vendor "Sap" for product "Netweaver Application Server Abap" and version "740" | sap_basis |
Affected
| ||||||
Sap Search vendor "Sap" | Netweaver Application Server Abap Search vendor "Sap" for product "Netweaver Application Server Abap" | 750 Search vendor "Sap" for product "Netweaver Application Server Abap" and version "750" | sap_basis |
Affected
| ||||||
Sap Search vendor "Sap" | Netweaver Application Server Abap Search vendor "Sap" for product "Netweaver Application Server Abap" | 751 Search vendor "Sap" for product "Netweaver Application Server Abap" and version "751" | sap_basis |
Affected
| ||||||
Sap Search vendor "Sap" | Netweaver Application Server Abap Search vendor "Sap" for product "Netweaver Application Server Abap" | 752 Search vendor "Sap" for product "Netweaver Application Server Abap" and version "752" | sap_basis |
Affected
| ||||||
Sap Search vendor "Sap" | Netweaver Application Server Abap Search vendor "Sap" for product "Netweaver Application Server Abap" | 753 Search vendor "Sap" for product "Netweaver Application Server Abap" and version "753" | sap_basis |
Affected
| ||||||
Sap Search vendor "Sap" | Netweaver Application Server Abap Search vendor "Sap" for product "Netweaver Application Server Abap" | 754 Search vendor "Sap" for product "Netweaver Application Server Abap" and version "754" | sap_basis |
Affected
| ||||||
Sap Search vendor "Sap" | Netweaver Application Server Abap Search vendor "Sap" for product "Netweaver Application Server Abap" | 755 Search vendor "Sap" for product "Netweaver Application Server Abap" and version "755" | sap_basis |
Affected
| ||||||
Sap Search vendor "Sap" | Netweaver Application Server Abap Search vendor "Sap" for product "Netweaver Application Server Abap" | 756 Search vendor "Sap" for product "Netweaver Application Server Abap" and version "756" | sap_basis |
Affected
| ||||||
Sap Search vendor "Sap" | Netweaver Application Server Abap Search vendor "Sap" for product "Netweaver Application Server Abap" | 757 Search vendor "Sap" for product "Netweaver Application Server Abap" and version "757" | sap_basis |
Affected
| ||||||
Sap Search vendor "Sap" | Netweaver Application Server Abap Search vendor "Sap" for product "Netweaver Application Server Abap" | 758 Search vendor "Sap" for product "Netweaver Application Server Abap" and version "758" | sap_basis |
Affected
| ||||||
Sap Search vendor "Sap" | Netweaver Application Server Abap Search vendor "Sap" for product "Netweaver Application Server Abap" | 793 Search vendor "Sap" for product "Netweaver Application Server Abap" and version "793" | sap_basis |
Affected
|