CVE-2024-45283: Information disclosure vulnerability in SAP NetWeaver AS for Java (Destination Service)
First published: Tue Sep 10 2024(Updated: )
SAP NetWeaver AS for Java allows an authorized attacker to obtain sensitive information. The attacker could obtain the username and password when creating an RFC destination. After successful exploitation, an attacker can read the sensitive information but cannot modify or delete the data.
Credit: cna@sap.com
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/title
- agent/type
- agent/first-publish-date
- agent/description
- collector/nvd-api
- source/NVD
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/tags
- agent/event