{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T13:59:09.628","vulnerabilities":[{"cve":{"id":"CVE-2024-39600","sourceIdentifier":"cna@sap.com","published":"2024-07-09T05:15:13.147","lastModified":"2025-01-22T18:33:47.870","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Under certain conditions, the memory of SAP GUI\nfor Windows contains the password used to log on to an SAP system, which might\nallow an attacker to get hold of the password and impersonate the affected\nuser. As a result, it has a high impact on the confidentiality but there is no\nimpact on the integrity and availability."},{"lang":"es","value":"Bajo ciertas condiciones, la memoria de SAP GUI para Windows contiene la contraseña utilizada para iniciar sesión en un sistema SAP, lo que podría permitir a un atacante obtener la contraseña y hacerse pasar por el usuario afectado. Como resultado, tiene un alto impacto en la confidencialidad pero no hay impacto en la integridad y disponibilidad."}],"metrics":{"cvssMetricV31":[{"source":"cna@sap.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N","baseScore":5.0,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.6,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N","baseScore":4.2,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.6,"impactScore":3.6}]},"weaknesses":[{"source":"cna@sap.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sap:gui_for_windows:8.0:*:*:*:*:*:*:*","matchCriteriaId":"74ED382C-6C84-4C2F-BF8E-51AC10DB3611"}]}]}],"references":[{"url":"https://me.sap.com/notes/3461110","source":"cna@sap.com","tags":["Permissions Required"]},{"url":"https://url.sap/sapsecuritypatchday","source":"cna@sap.com","tags":["Vendor Advisory"]},{"url":"https://me.sap.com/notes/3461110","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required"]},{"url":"https://url.sap/sapsecuritypatchday","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}