Severity
Medium
Analysis Summary
CVE-2024-32730
SAP Enable Now could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper authorization validation. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges to access other user's data in manager.
Impact
- Privilege Escalation
Indicators of Compromise
CVE
- CVE-2024-32730
Affected Vendors
SAP
Affected Products
- SAP Enable Now 1704
Remediation
Current SAP customers should refer to SAP Security Document for patch information, available from the SAP Website (login required).