{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T08:34:48.394","vulnerabilities":[{"cve":{"id":"CVE-2024-39596","sourceIdentifier":"cna@sap.com","published":"2024-07-09T05:15:12.710","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Due to missing authorization checks, SAP Enable\nNow allows an author to escalate privileges to access information which should\notherwise be restricted. On successful exploitation, the attacker can cause\nlimited impact on confidentiality of the application."},{"lang":"es","value":"Debido a la falta de comprobaciones de autorización, SAP Enable Now permite a un autor escalar privilegios para acceder a información que de otro modo debería estar restringida. Si la explotación tiene éxito, el atacante puede causar un impacto limitado en la confidencialidad de la aplicación."}],"metrics":{"cvssMetricV31":[{"source":"cna@sap.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"cna@sap.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://me.sap.com/notes/3476348","source":"cna@sap.com"},{"url":"https://url.sap/sapsecuritypatchday","source":"cna@sap.com"},{"url":"https://me.sap.com/notes/3476348","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://url.sap/sapsecuritypatchday","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}