CVE-2024-37171 – SAP Transportation Management (Collaboration Porta

CVE ID : CVE-2024-37171

Published : July 9, 2024, 5:15 a.m. | 1 hour, 5 minutes ago

Description : SAP Transportation Management (Collaboration
Portal) allows an attacker with non-administrative privileges to send a crafted
request from a vulnerable web application. This will trigger the application
handler to send a request to an unintended service, which may reveal
information about that service. The information obtained could be used to
target internal systems behind firewalls that are normally inaccessible to an
attacker from the external network, resulting in a Server-Side Request Forgery
vulnerability. There is no effect on integrity or availability of the
application.

Severity: 5.0 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…CVE ID : CVE-2024-37171

Published : July 9, 2024, 5:15 a.m. | 1 hour, 5 minutes ago

Description : SAP Transportation Management (Collaboration
Portal) allows an attacker with non-administrative privileges to send a crafted
request from a vulnerable web application. This will trigger the application
handler to send a request to an unintended service, which may reveal
information about that service. The information obtained could be used to
target internal systems behind firewalls that are normally inaccessible to an
attacker from the external network, resulting in a Server-Side Request Forgery
vulnerability. There is no effect on integrity or availability of the
application.

Severity: 5.0 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…