CVE-2024-45282
MEDIUMDescription
Fields which are in 'read only' state in Bank Statement Draft in Manage Bank Statements application, could be modified by MERGE method. The property of an OData entity representing assumably immutable method is not protected against external modifications leading to integrity violations. Confidentiality and Availability are not impacted.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| sap | s\/4_hana |
| sap | s\/4_hana |
| sap | s\/4_hana |
| sap | s\/4_hana |
| sap | s\/4_hana |
| sap | s\/4_hana |
References
Advisories & Patches
Other References
Frequently Asked Questions
What is CVE-2024-45282? +
How severe is CVE-2024-45282? +
What products are affected by CVE-2024-45282? +
How do I check if I'm vulnerable to CVE-2024-45282? +
Related Vulnerabilities
IBM Security Verify Access 10.0.0 through 10.0.7 and IBM Application Gateway 20.01 through 24.03 could allow a remote attacker to …
Dell Avamar, versions prior to 19.10 SP1 with patch 338904, contains a Trusting HTTP Permission Methods on the Server-Side vulnerability …
ChurchCRM is an open-source church management system. Prior to 7.3.2, top-level cross-site GET navigation from an attacker-controlled page to FundRaiserDelete.php, …
IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to bypass intended access restrictions and conduct resource modification.
IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to bypass intended access restrictions and conduct resource modification.
IBM PowerSC 1.3, 2.0, and 2.1 uses insecure HTTP methods which could allow a remote attacker to perform unauthorized file …