Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
[CVE-2024-39596] Missing Authorization check vulnerability in SAP Enable Now
Vulnerability Description
Due to missing authorization checks, SAP Enable Now allows an author to escalate privileges to access information which should otherwise be restricted. On successful exploitation, the attacker can cause limited impact on confidentiality of the application.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
授权机制缺失
Vulnerability Title
SAP Enable Now 安全漏洞
Vulnerability Description
SAP Enable Now是德国思爱普(SAP)公司的一套协作内容创作、管理和共享平台。该平台主要用于SAP和非SAP系统的在线学习和培训等。 SAP Enable Now 存在安全漏洞,该漏洞源于由于缺少授权检查,允许作者升级权限以访问本应受限的信息,成功利用可能导致对应用程序的机密性产生有限影响。
CVSS Information
N/A
Vulnerability Type
N/A