CVE-2024-28164

SAP NetWeaver AS Java (CAF - Guided Procedures) allows an unauthenticated user to access non-sensitive information about the server which would otherwise be restricted causing low impact on confidentiality of the application.

Published: Jun 11, 2024
Updated: Aug 7, 2024
CVE: CVE-2024-28164
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.3
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
sap / netweaver_application_server_java	gp-core_7.5	gp-core_7.5.x

https://me.sap.com/notes/3425571
https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html

Vulnerability Database

289,697

CVE-2024-28164