Vulnerability Description
The Resource Settings page allows a high privilege attacker to load exploitable payload to be stored and reflected whenever a User visits the page. In a successful attack, some information could be obtained and/or modified. However, the attacker does not have control over what information is obtained, or the amount or kind of loss is limited.
CVSS Score
MEDIUM
Related Weaknesses (CWE)
References
- https://me.sap.com/notes/3421453
- https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?an
- https://me.sap.com/notes/3421453
- https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?an
FAQ
What is CVE-2024-30215?
CVE-2024-30215 is a vulnerability with a CVSS score of 4.8 (MEDIUM). The Resource Settings page allows a high privilege attacker to load exploitable payload to be stored and reflected whenever a User visits the page. In a successful attack, some information could be ob...
How severe is CVE-2024-30215?
CVE-2024-30215 has been rated MEDIUM with a CVSS base score of 4.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-30215?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.