{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T11:52:24.243","vulnerabilities":[{"cve":{"id":"CVE-2026-24310","sourceIdentifier":"cna@sap.com","published":"2026-03-10T17:35:55.180","lastModified":"2026-03-11T13:53:47.157","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute specific ABAP function module and read the sensitive information from database catalog of the ABAP system. This vulnerability has low impact on the application's confidentiality with no effect on the integrity and availability."},{"lang":"es","value":"Debido a la falta de verificación de autorización en el Servidor de aplicaciones SAP NetWeaver para ABAP, un atacante autenticado podría ejecutar un módulo de función ABAP específico y leer información sensible del catálogo de la base de datos del sistema ABAP. Esta vulnerabilidad tiene un bajo impacto en la confidencialidad de la aplicación, sin efecto en la integridad y disponibilidad."}],"metrics":{"cvssMetricV31":[{"source":"cna@sap.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N","baseScore":3.5,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":1.4}]},"weaknesses":[{"source":"cna@sap.com","type":"Primary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://me.sap.com/notes/3694383","source":"cna@sap.com"},{"url":"https://url.sap/sapsecuritypatchday","source":"cna@sap.com"}]}}]}