CVE-2024-24739

MEDIUM

SAP Bank Account Management - Authenticated Privilege Escalation

Title source: llm

Description

SAP Bank Account Management (BAM) allows an authenticated user with restricted access to use functions which can result in escalation of privileges with low impact on confidentiality, integrity and availability of the application.

References (2)

Core 2

Core References

Permissions Required

https://me.sap.com/notes/2637727

Vendor Advisory

https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

Scores

CVSS v3 6.3

EPSS 0.0011

EPSS Percentile 28.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-862

Status published

Products (4)

sap/bank_account_management s4core_100

sap/bank_account_management s4core_101

sap/bank_account_management sap_fin_618

sap/bank_account_management sap_fin_730

Published Feb 13, 2024

Tracked Since Feb 18, 2026