Vulnerability Description
Self-Registration and Modify your own profile in User Admin Application of NetWeaver AS Java does not enforce proper security requirements for the content of the newly defined security answer. This can be leveraged by an attacker to cause profound impact on confidentiality and low impact on both integrity and availability.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://me.sap.com/notes/3434839
- https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?an
- https://me.sap.com/notes/3434839
- https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?an
FAQ
What is CVE-2024-27899?
CVE-2024-27899 is a vulnerability with a CVSS score of 8.8 (HIGH). Self-Registration and Modify your own profile in User Admin Application of NetWeaver AS Java does not enforce proper security requirements for the content of the newly defined security answer. This ca...
How severe is CVE-2024-27899?
CVE-2024-27899 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-27899?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.