CVE-2024-24741: Missing Authorization check in SAP Master Data Governance Material

First published: Tue Feb 13 2024(Updated: )

SAP Master Data Governance for Material Data - versions 618, 619, 620, 621, 622, 800, 801, 802, 803, 804, does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. This could allow an attacker to read some sensitive information but no impact to integrity and availability.

Credit: cna@sap.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/weakness
• agent/references
• agent/severity
• agent/author
• agent/title
• agent/type
• agent/first-publish-date
• agent/description
• collector/epss-latest
• source/FIRST
• agent/epss
• collector/mitre-cve
• source/MITRE
• agent/last-modified-date
• agent/softwarecombine
• agent/event
• agent/tags
• collector/nvd-api
• source/NVD
• agent/software-canonical-lookup
• agent/software-canonical-lookup-request
• vendor/sap
• canonical/sap master data governance for material data
• version/sap master data governance for material data/618
• version/sap master data governance for material data/619
• version/sap master data governance for material data/620
• version/sap master data governance for material data/621
• version/sap master data governance for material data/622
• version/sap master data governance for material data/800
• version/sap master data governance for material data/801
• version/sap master data governance for material data/802
• version/sap master data governance for material data/803
• version/sap master data governance for material data/804