How severe is CVE-2024-32731?

CVE-2024-32731 has a CVSS v3 score of 5.5 (MEDIUM).

CVE-2024-32731

5.5MEDIUM

SAP My Travel Requests does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation, the attacker can upload a maliciou

Published: 5/14/2024Updated: 11/21/2024

Description

SAP My Travel Requests does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation, the attacker can upload a malicious attachment to a business trip request which will lead to a low impact on the confidentiality, integrity and availability of the application.

AI AnalysisPowered by AI

References

https://me.sap.com/notes/3447467
https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?anchorId=section_370125364
https://me.sap.com/notes/3447467
https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?anchorId=section_370125364