{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T09:05:28.576","vulnerabilities":[{"cve":{"id":"CVE-2024-33005","sourceIdentifier":"cna@sap.com","published":"2024-08-13T04:15:07.740","lastModified":"2024-09-12T14:39:03.480","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Due to the missing authorization checks in the\nlocal systems, the admin users of SAP Web Dispatcher, SAP NetWeaver Application\nServer (ABAP and Java), and SAP Content Server can impersonate other users and\nmay perform some unintended actions. This could lead to a low impact on\nconfidentiality and a high impact on the integrity and availability of the\napplications."},{"lang":"es","value":"Debido a la falta de comprobaciones de autorización en los sistemas locales, los usuarios administradores de SAP Web Dispatcher, SAP NetWeaver Application Server (ABAP y Java) y SAP Content Server pueden hacerse pasar por otros usuarios y realizar algunas acciones no deseadas. Esto podría tener un impacto bajo en la confidencialidad y un impacto alto en la integridad y disponibilidad de las aplicaciones."}],"metrics":{"cvssMetricV31":[{"source":"cna@sap.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.5}]},"weaknesses":[{"source":"cna@sap.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_abap:kernel_7.22:*:*:*:*:*:*:*","matchCriteriaId":"816DBDA9-E4F1-476B-95B3-19758627E3A7"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_abap:kernel_7.53:*:*:*:*:*:*:*","matchCriteriaId":"E640D6CD-A1BA-46C5-B652-0A65F6FF17E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_abap:kernel_7.54:*:*:*:*:*:*:*","matchCriteriaId":"5A3C3F09-14C5-4E8C-93B4-40F444F3B9F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_abap:kernel_7.77:*:*:*:*:*:*:*","matchCriteriaId":"6F567192-ED9A-47B9-A386-0A83AB64948E"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_abap:kernel_7.85:*:*:*:*:*:*:*","matchCriteriaId":"86C349D7-8F6C-42F4-9B8B-A7E0008FB3A5"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_abap:kernel_7.89:*:*:*:*:*:*:*","matchCriteriaId":"A548E7E7-EAB0-40B7-89BD-F7682F76FD45"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_abap:kernel_7.93:*:*:*:*:*:*:*","matchCriteriaId":"B3532BC5-507D-4517-A017-19E2B95A8FD9"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_abap:krnl64nuc_7.22:*:*:*:*:*:*:*","matchCriteriaId":"BE1BE43A-6659-4C08-8194-F85FA47D7D81"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_abap:krnl64nuc_7.22ext:*:*:*:*:*:*:*","matchCriteriaId":"4673CFDB-C17D-437B-8FE8-F0EA5BA97831"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_abap:krnl64uc_7.22:*:*:*:*:*:*:*","matchCriteriaId":"E415C122-70DF-478E-8493-4CF9E9AD934C"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_abap:krnl64uc_7.22ext:*:*:*:*:*:*:*","matchCriteriaId":"FA5A9939-C663-4B52-97DB-64D80B40FB5F"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_abap:krnl64uc_7.53:*:*:*:*:*:*:*","matchCriteriaId":"9F5C3E99-E68D-4CC2-8F9B-779406AE8B1A"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_java:kernel_7.22:*:*:*:*:*:*:*","matchCriteriaId":"E0DB3FCF-F720-4DA5-AF2D-D0E3B1F2297E"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_java:kernel_7.53:*:*:*:*:*:*:*","matchCriteriaId":"7109185C-385B-451E-AD63-BC09BD06B1F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_java:kernel_7.54:*:*:*:*:*:*:*","matchCriteriaId":"D30D9CA9-4704-4CEA-AC05-C501ED5AAFCB"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_java:kernel_7.77:*:*:*:*:*:*:*","matchCriteriaId":"FDDEDE97-D538-4899-BEC0-0A1AF88283F2"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_java:kernel_7.85:*:*:*:*:*:*:*","matchCriteriaId":"A80E509A-4262-41F0-92B4-1A3639F4B80D"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_java:kernel_7.89:*:*:*:*:*:*:*","matchCriteriaId":"016D047B-F45A-4357-865F-75C6EB392FA7"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_java:kernel_7.93:*:*:*:*:*:*:*","matchCriteriaId":"4EA04598-FB33-4DF1-A5B1-1433FB7BCA28"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_java:krnl64nuc_7.22:*:*:*:*:*:*:*","matchCriteriaId":"D41AD192-F087-441A-B875-3626AD1142F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_java:krnl64nuc_7.22ext:*:*:*:*:*:*:*","matchCriteriaId":"6F8A21AA-F5E0-4332-9654-DABDCA0C5363"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_java:krnl64uc_7.22:*:*:*:*:*:*:*","matchCriteriaId":"D31F22F6-7C40-4FDB-A8CE-EF63E9E7B220"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_java:krnl64uc_7.22ext:*:*:*:*:*:*:*","matchCriteriaId":"4CABDDC7-44AF-4F15-BEB0-C60EFE732B3E"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_java:krnl64uc_7.53:*:*:*:*:*:*:*","matchCriteriaId":"F373984D-DB7D-4FA8-B8B1-DA9F55B4CDE3"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sap:content_server:kernel_7.22:*:*:*:*:*:*:*","matchCriteriaId":"EA4E320D-178F-4F08-A9F6-8244148768EB"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:content_server:kernel_7.53:*:*:*:*:*:*:*","matchCriteriaId":"414F67F4-A294-4097-B6E1-7FBBDEDB8AE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:content_server:kernel_7.54:*:*:*:*:*:*:*","matchCriteriaId":"CD0EDBD6-7716-4521-8E98-392DA6C6D7E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:content_server:kernel_7.77:*:*:*:*:*:*:*","matchCriteriaId":"36362B65-8434-404C-AAE6-D778E533B1DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:content_server:kernel_7.85:*:*:*:*:*:*:*","matchCriteriaId":"BEF1E060-A7ED-4ED3-A514-FCDE6EE52C57"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:content_server:kernel_7.89:*:*:*:*:*:*:*","matchCriteriaId":"598F9F0F-82C7-4199-8E86-65D8D6FC2BA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:content_server:kernel_7.93:*:*:*:*:*:*:*","matchCriteriaId":"FA38CCCD-9003-4A64-8646-66C4719C366F"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:content_server:krnl64nuc_7.22:*:*:*:*:*:*:*","matchCriteriaId":"5C4003CF-11F3-4BF6-B976-37DC0BB5F881"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:content_server:krnl64nuc_7.22ext:*:*:*:*:*:*:*","matchCriteriaId":"70C658C4-2571-4C71-A4CA-82AA6A4E7259"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:content_server:krnl64uc_7.22:*:*:*:*:*:*:*","matchCriteriaId":"B0052599-8162-44D5-B7B6-72C3DD621DB6"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:content_server:krnl64uc_7.22ext:*:*:*:*:*:*:*","matchCriteriaId":"E09C7350-983D-4D9D-B0EA-E1D9262EF6C8"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:content_server:krnl64uc_7.53:*:*:*:*:*:*:*","matchCriteriaId":"4191B6B2-EC7E-460E-A98F-A239AF022454"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sap:web_dispatcher:kernel_7.22:*:*:*:*:*:*:*","matchCriteriaId":"A2E1A535-8362-454E-AC22-85C4E957CCF5"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:web_dispatcher:kernel_7.53:*:*:*:*:*:*:*","matchCriteriaId":"A7E4BC89-114A-4EA3-A9E8-D956A26BCB18"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:web_dispatcher:kernel_7.54:*:*:*:*:*:*:*","matchCriteriaId":"65A5FFAC-93F9-4204-9FA1-4D749D443173"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:web_dispatcher:kernel_7.77:*:*:*:*:*:*:*","matchCriteriaId":"E0098E57-6A7F-4CC6-8109-E2400E0FFFEB"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:web_dispatcher:kernel_7.85:*:*:*:*:*:*:*","matchCriteriaId":"E7ABB030-9A13-4194-A2A4-9623B2F22D7D"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:web_dispatcher:kernel_7.89:*:*:*:*:*:*:*","matchCriteriaId":"DB22EAAE-F75C-4902-9734-52B048D5D7B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:web_dispatcher:kernel_7.93:*:*:*:*:*:*:*","matchCriteriaId":"30459CD4-451D-4C3D-8FE2-17552F83D7CA"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:web_dispatcher:krnl64nuc_7.22:*:*:*:*:*:*:*","matchCriteriaId":"3CA8BFCF-0A55-4DEE-B426-1DEF04DA0464"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:web_dispatcher:krnl64nuc_7.22ext:*:*:*:*:*:*:*","matchCriteriaId":"54AE89EF-E64B-43C5-B9C2-8F41ACCD3482"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:web_dispatcher:krnl64uc_7.22:*:*:*:*:*:*:*","matchCriteriaId":"52C58E1D-8A91-451C-A1E1-85BE336DC763"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:web_dispatcher:krnl64uc_7.22ext:*:*:*:*:*:*:*","matchCriteriaId":"89262244-880C-41CB-A904-3B06D3A73460"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:web_dispatcher:krnl64uc_7.53:*:*:*:*:*:*:*","matchCriteriaId":"3A8CD933-E217-445A-B244-C07625F9EE74"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:web_dispatcher:webdisp_7.22_ext:*:*:*:*:*:*:*","matchCriteriaId":"715F51D3-00BA-4512-A8E4-FE32F4B176F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:web_dispatcher:webdisp_7.53:*:*:*:*:*:*:*","matchCriteriaId":"5481831F-91CC-49DD-A54B-277A6E6D22AE"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:web_dispatcher:webdisp_7.54:*:*:*:*:*:*:*","matchCriteriaId":"F04B311B-7FCC-421E-BF3C-8D020245F83D"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:web_dispatcher:webdisp_7.77:*:*:*:*:*:*:*","matchCriteriaId":"44FA685E-8C00-45E0-AC72-C21EA1DD66FC"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:web_dispatcher:webdisp_7.85:*:*:*:*:*:*:*","matchCriteriaId":"3905B636-9BD2-4D27-8CE8-35135F98B7BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:web_dispatcher:webdisp_7.89:*:*:*:*:*:*:*","matchCriteriaId":"F7B0AEE9-CD7F-47D5-8F3C-08E1BEE9E820"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:web_dispatcher:webdisp_7.93:*:*:*:*:*:*:*","matchCriteriaId":"C04CED5F-79E6-410C-8BA4-2F202810576A"}]}]}],"references":[{"url":"https://me.sap.com/notes/3438085","source":"cna@sap.com","tags":["Permissions Required"]},{"url":"https://url.sap/sapsecuritypatchday","source":"cna@sap.com","tags":["Vendor Advisory"]}]}}]}