{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-01T05:27:00.686","vulnerabilities":[{"cve":{"id":"CVE-2024-37176","sourceIdentifier":"cna@sap.com","published":"2024-06-11T03:15:12.020","lastModified":"2024-11-21T09:23:21.937","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SAP BW/4HANA Transformation and Data Transfer\nProcess (DTP) allows an authenticated attacker to gain higher access levels\nthan they should have by exploiting improper authorization checks. This results\nin escalation of privileges. It has no impact on the confidentiality of data\nbut may have low impacts on the integrity and availability of the application."},{"lang":"es","value":"El proceso de transformación y transferencia de datos (DTP) de SAP BW/4HANA permite que un atacante autenticado obtenga niveles de acceso más altos de los que debería tener al explotar controles de autorización inadecuados. Esto da como resultado una escalada de privilegios. No tiene ningún impacto en la confidencialidad de los datos, pero puede tener impactos bajos en la integridad y disponibilidad de la aplicación."}],"metrics":{"cvssMetricV31":[{"source":"cna@sap.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":2.5}]},"weaknesses":[{"source":"cna@sap.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sap:bw\\/4hana:300:*:*:*:*:*:*:*","matchCriteriaId":"7CCF4C28-1C0B-43C3-A870-C30F53BCAA2B"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:bw\\/4hana:400:*:*:*:*:*:*:*","matchCriteriaId":"75EF2D12-866D-4AA5-A5C7-28CC069CABC4"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:bw\\/4hana:750:*:*:*:*:*:*:*","matchCriteriaId":"6F5A41E1-1F2A-4EF4-A275-B6FD5D48D457"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:bw\\/4hana:751:*:*:*:*:*:*:*","matchCriteriaId":"212EBCB5-D90A-4240-BAFE-396AC8EA5673"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:bw\\/4hana:752:*:*:*:*:*:*:*","matchCriteriaId":"563665A1-2517-46BA-A922-FF30C039DFA3"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:bw\\/4hana:753:*:*:*:*:*:*:*","matchCriteriaId":"A1FE07CA-8391-4E1C-ADF1-47D0E095522C"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:bw\\/4hana:754:*:*:*:*:*:*:*","matchCriteriaId":"0A30A302-C5A3-4A8C-BA8B-94EA32FF5CB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:bw\\/4hana:755:*:*:*:*:*:*:*","matchCriteriaId":"F1567AA0-84D6-4B33-AF74-131FF99E7B0C"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:bw\\/4hana:756:*:*:*:*:*:*:*","matchCriteriaId":"40B22479-CDB1-4816-9F6C-B9E8F20C530E"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:bw\\/4hana:757:*:*:*:*:*:*:*","matchCriteriaId":"4D0D0D15-86ED-417D-9D09-4355D5C9AD5B"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:bw\\/4hana:758:*:*:*:*:*:*:*","matchCriteriaId":"6DA8F2E8-343D-4C62-B5DE-7F8714387AED"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:bw\\/4hana:796:*:*:*:*:*:*:*","matchCriteriaId":"479ED325-5872-4E26-8F53-975F0F5580CE"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:bw\\/4hana:dw4core_200:*:*:*:*:*:*:*","matchCriteriaId":"1163D7AA-77D0-4949-8022-1D275FC0EB03"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:bw\\/4hana:sap_bw_740:*:*:*:*:*:*:*","matchCriteriaId":"8BF1CD75-09C0-4807-A066-F729B663697A"}]}]}],"references":[{"url":"https://me.sap.com/notes/3465455","source":"cna@sap.com","tags":["Permissions Required"]},{"url":"https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html","source":"cna@sap.com","tags":["Patch","Vendor Advisory"]},{"url":"https://me.sap.com/notes/3465455","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required"]},{"url":"https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}