What is the CVSS score of CVE-2024-21735?

CVE-2024-21735 has a CVSS 3.1 base score of 7.3 (High). CVSS vector: CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H. EPSS exploitation probability: 0.1%.

Which versions of Lt Replication Server are affected by CVE-2024-21735?

CVE-2024-21735 presents moderate security risk, a incorrect authorization vulnerability rated CVSS 7.3.

How to fix or mitigate CVE-2024-21735?

Within 30 days: Identify all affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

Lt Replication Server CVE-2024-21735

HIGH

Incorrect Authorization (CWE-863)

2024-01-09 cna@sap.com

Authentication Bypass SAP Lt Replication Server

7.3

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H

Attack Vector

Adjacent

Attack Complexity

High

Privileges Required

High

User Interaction

Required

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 19:34 vuln.today

CVE Published

Jan 09, 2024 - 01:15 nvd

HIGH 7.3

DescriptionNVD

SAP LT Replication Server - version S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107, S4CORE 108, does not perform necessary authorization checks. This could allow an attacker with high privileges to perform unintended actions, resulting in escalation of privileges, which has High impact on confidentiality, integrity and availability of the system.

AnalysisAI

SAP LT Replication Server - version S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107, S4CORE 108, does not perform necessary authorization checks. Rated high severity (CVSS 7.3). No vendor patch available.

Technical ContextAI

This vulnerability is classified as Incorrect Authorization (CWE-863), which allows attackers to bypass authorization checks to access restricted resources. SAP LT Replication Server - version S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107, S4CORE 108, does not perform necessary authorization checks. This could allow an attacker with high privileges to perform unintended actions, resulting in escalation of privileges, which has High impact on confidentiality, integrity and availability of the system. Affected products include: Sap Lt Replication Server.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Review and test authorization logic, implement consistent access control checks, use centralized authorization framework.

CVE-2024-21735 vulnerability details – vuln.today

Back

Lt Replication Server CVE-2024-21735

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code