CVE-2024-25645

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://me.sap.com/notes/3428847", "name": "https://me.sap.com/notes/3428847", "tags": ["Permissions Required"], "refsource": ""}, {"url": "https://me.sap.com/notes/3428847", "name": "https://me.sap.com/notes/3428847", "tags": ["Permissions Required"], "refsource": ""}, {"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?anchorId=section_370125364", "name": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?anchorId=section_370125364", "tags": ["Vendor Advisory"], "refsource": ""}, {"url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?anchorId=section_370125364", "name": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?anchorId=section_370125364", "tags": ["Vendor Advisory"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Under certain condition\u00a0SAP\u00a0NetWeaver (Enterprise Portal) - version 7.50\u00a0allows an attacker to access information which would otherwise be restricted causing low impact on confidentiality of the application and with no impact on Integrity and Availability of the application."}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-25645", "ASSIGNER": "cna@sap.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}}, "publishedDate": "2024-03-12T01:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:sap:netweaver_enterprise_portal:7.50:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-02-07T17:24Z"}