{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T07:09:04.371","vulnerabilities":[{"cve":{"id":"CVE-2024-42377","sourceIdentifier":"cna@sap.com","published":"2024-08-13T04:15:11.290","lastModified":"2024-09-12T13:42:11.890","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"SAP shared service framework allows an\nauthenticated non-administrative user to call a remote-enabled function, which\nwill allow them to insert value entries into a non-sensitive table, causing low\nimpact on integrity of the application"},{"lang":"es","value":"El framework de servicios compartidos de SAP permite a un usuario no administrativo autenticado llamar a una función habilitada de forma remota, lo que le permitirá insertar entradas de valores en una tabla no confidencial, lo que causa un bajo impacto en la integridad de la aplicación."}],"metrics":{"cvssMetricV31":[{"source":"cna@sap.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"cna@sap.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_702:*:*:*:*:*:*:*","matchCriteriaId":"5AC1EAA0-7B20-4B4C-9F7D-8F7832D91BCE"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_731:*:*:*:*:*:*:*","matchCriteriaId":"CFE56A04-ADDE-4A27-87CA-C801DFA5CD80"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_746:*:*:*:*:*:*:*","matchCriteriaId":"36822481-BB89-421A-99D5-33854E6080B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_747:*:*:*:*:*:*:*","matchCriteriaId":"6BA0ED8A-F75D-49DF-BD37-CD3273E2F8E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_748:*:*:*:*:*:*:*","matchCriteriaId":"6852223A-C675-4F29-92E4-90092DBDF11E"}]}]}],"references":[{"url":"https://me.sap.com/notes/3474590","source":"cna@sap.com","tags":["Permissions Required"]},{"url":"https://url.sap/sapsecuritypatchday","source":"cna@sap.com","tags":["Vendor Advisory"]}]}}]}