{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-10T17:19:52.657","vulnerabilities":[{"cve":{"id":"CVE-2024-41737","sourceIdentifier":"cna@sap.com","published":"2024-08-13T04:15:10.003","lastModified":"2024-09-12T13:49:41.953","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"SAP CRM ABAP (Insights\nManagement) allows an authenticated attacker to enumerate HTTP endpoints in the\ninternal network by specially crafting HTTP requests. On successful\nexploitation this can result in information disclosure. It has no impact on\nintegrity and availability of the application."},{"lang":"es","value":"SAP CRM ABAP (Insights Management) permite a un atacante autenticado enumerar endpoints HTTP en la red interna mediante la elaboración especial de solicitudes HTTP. Si se explota con éxito, esto puede dar lugar a la divulgación de información. No tiene ningún impacto en la integridad y disponibilidad de la aplicación."}],"metrics":{"cvssMetricV31":[{"source":"cna@sap.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N","baseScore":5.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N","baseScore":5.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":1.4}]},"weaknesses":[{"source":"cna@sap.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sap:crm_abap_insights_management:bbpcrm_700:*:*:*:*:*:*:*","matchCriteriaId":"56146502-6778-454C-A517-01ED658B57D3"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:crm_abap_insights_management:bbpcrm_701:*:*:*:*:*:*:*","matchCriteriaId":"6B715AC7-4B63-4EF0-A365-0AF70C353A13"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:crm_abap_insights_management:bbpcrm_702:*:*:*:*:*:*:*","matchCriteriaId":"6563AFD1-DD7A-45FE-92B2-E658B51F2BAC"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:crm_abap_insights_management:bbpcrm_712:*:*:*:*:*:*:*","matchCriteriaId":"1F64314D-14EB-4CAE-8E23-17C32DB5B2C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:crm_abap_insights_management:bbpcrm_713:*:*:*:*:*:*:*","matchCriteriaId":"46B2C8CC-A497-4E96-B052-54FB241FB29A"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:crm_abap_insights_management:bbpcrm_714:*:*:*:*:*:*:*","matchCriteriaId":"6B40DA99-17DA-4DB1-9ACB-5C9E91FCF54E"}]}]}],"references":[{"url":"https://me.sap.com/notes/3487537","source":"cna@sap.com","tags":["Permissions Required"]},{"url":"https://url.sap/sapsecuritypatchday","source":"cna@sap.com","tags":["Vendor Advisory"]}]}}]}