CVE-2024-27898 Information

Description

SAP NetWeaver application due to insufficient input validation allows an attacker to send a crafted request from a vulnerable web application targeting internal systems behind firewalls that are normally inaccessible to an attacker from the external network resulting in a Server-Side Request Forgery vulnerability. Thus having a low impact on confidentiality.

Reference

https://me.sap.com/notes/3425188 https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?anchorId=section_370125364