{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T01:17:30.634","vulnerabilities":[{"cve":{"id":"CVE-2026-24311","sourceIdentifier":"cna@sap.com","published":"2026-03-10T17:35:55.360","lastModified":"2026-03-11T13:53:47.157","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"The SAP Customer Checkout application exhibits certain design characteristics that involve locally storing operational data using reversible protection mechanisms. Access to this data, combined with user?initiated interaction, may allow modifications to occur without validation. Such changes could affect system behaviour during startup, resulting in a high impact on the application's confidentiality and integrity, with a low impact on availability."},{"lang":"es","value":"La aplicación SAP Customer Checkout presenta ciertas características de diseño que implican el almacenamiento local de datos operativos utilizando mecanismos de protección reversibles. El acceso a estos datos, combinado con la interacción iniciada por el usuario, puede permitir que se produzcan modificaciones sin validación. Dichos cambios podrían afectar el comportamiento del sistema durante el inicio, lo que resultaría en un alto impacto en la confidencialidad e integridad de la aplicación, con un bajo impacto en la disponibilidad."}],"metrics":{"cvssMetricV31":[{"source":"cna@sap.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L","baseScore":5.6,"baseSeverity":"MEDIUM","attackVector":"PHYSICAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":0.1,"impactScore":5.5}]},"weaknesses":[{"source":"cna@sap.com","type":"Primary","description":[{"lang":"en","value":"CWE-312"}]}],"references":[{"url":"https://me.sap.com/notes/3708457","source":"cna@sap.com"},{"url":"https://url.sap/sapsecuritypatchday","source":"cna@sap.com"}]}}]}