{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-07T18:24:25.855","vulnerabilities":[{"cve":{"id":"CVE-2026-24313","sourceIdentifier":"cna@sap.com","published":"2026-03-10T17:35:55.620","lastModified":"2026-03-11T13:53:47.157","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"SAP Solution Tools Plug-In (ST-PI) contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability."},{"lang":"es","value":"SAP Solution Tools Plug-In (ST-PI) contiene un módulo de función que no realiza las comprobaciones de autorización necesarias para usuarios autenticados, lo que permite la divulgación de información del sistema. Esta vulnerabilidad tiene un bajo impacto en la confidencialidad y no afecta a la integridad ni a la disponibilidad."}],"metrics":{"cvssMetricV31":[{"source":"cna@sap.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N","baseScore":5.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":1.4}]},"weaknesses":[{"source":"cna@sap.com","type":"Primary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://me.sap.com/notes/3707930","source":"cna@sap.com"},{"url":"https://url.sap/sapsecuritypatchday","source":"cna@sap.com"}]}}]}