CVE-2024-25644: Information Disclosure vulnerability in NetWeaver (WSRM)
First published: Tue Mar 12 2024(Updated: )
Under certain conditions SAP NetWeaver WSRM - version 7.50, allows an attacker to access information which would otherwise be restricted, causing low impact on Confidentiality with no impact on Integrity and Availability of the application.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP NetWeaver WSRM | ||
| SAP NetWeaver | =7.50 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-25644?
CVE-2024-25644 has a low severity level affecting confidentiality.
How do I fix CVE-2024-25644?
To fix CVE-2024-25644, ensure you have applied the latest security patches provided by SAP for NetWeaver WSRM.
What information can be accessed due to CVE-2024-25644?
Due to CVE-2024-25644, an attacker may gain access to restricted information within SAP NetWeaver WSRM.
Is there any impact on integrity or availability with CVE-2024-25644?
CVE-2024-25644 poses no risk to the integrity or availability of the SAP NetWeaver WSRM application.
Which version of the software is affected by CVE-2024-25644?
CVE-2024-25644 specifically affects SAP NetWeaver WSRM version 7.50.
- agent/title
- agent/references
- agent/type
- agent/first-publish-date
- agent/author
- agent/severity
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/description
- agent/source
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/event
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- vendor/sap
- canonical/sap netweaver wsrm
- canonical/sap netweaver
- version/sap netweaver/7.50