Security Advisory

CVE-2024-54198

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-12-10 00:12:47

Last updated 2024-12-10 21:28:02

Assigner sap

State PUBLISHED

Description

In certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to craft a Remote Function Call (RFC) request to restricted destinations, which can be used to expose credentials for a remote service. These credentials can then be further exploited to completely compromise the remote service, potentially resulting in a significant impact on the confidentiality, integrity, and availability of the application.

← Browse all CVEs View on cve.org ↗