CVE-2024-24741— SAP Master Data Governance 安全漏洞

Missing Authorization check in SAP Master Data Governance Material

SAP Master Data Governance for Material Data - versions 618, 619, 620, 621, 622, 800, 801, 802, 803, 804, does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. This could allow an attacker to read some sensitive information but no impact to integrity and availability.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

授权机制缺失

SAP Master Data Governance 安全漏洞

SAP Master Data Governance是德国思爱普（SAP）公司的一套用于维护、验证和分发主数据的数据管理工具。 SAP Master Data Governance for Material Data 618、619、620、621、622、800、801、802、803、804版本存在安全漏洞，该漏洞源于不会对经过身份验证的用户执行必要的授权检查，从而导致权限升级。

N/A

N/A