1. Home
  2. CVE Database
  3. CVE-2024-37177
HIGH · 8.1

CVE-2024-37177

SAP Financial Consolidation allows data to enter a Web application through an untrusted source. These endpoints are exposed over the network and it allows the user to modify the content from the web s...

Vulnerability Description

SAP Financial Consolidation allows data to enter a Web application through an untrusted source. These endpoints are exposed over the network and it allows the user to modify the content from the web site. On successful exploitation, an attacker can cause significant impact to confidentiality and integrity of the application.

CVSS Score

8.1

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
NONE

Related Weaknesses (CWE)

CWE-79

References

FAQ

What is CVE-2024-37177?

CVE-2024-37177 is a vulnerability with a CVSS score of 8.1 (HIGH). SAP Financial Consolidation allows data to enter a Web application through an untrusted source. These endpoints are exposed over the network and it allows the user to modify the content from the web s...

How severe is CVE-2024-37177?

CVE-2024-37177 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-37177?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.