Skip to main content

Document Builder

2 CVEs product

Monthly

CVE-2024-39591 MEDIUM This Month

SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass SAP Document Builder
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2024-34683 MEDIUM PATCH This Month

An authenticated attacker can upload malicious file to SAP Document Builder service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

SAP File Upload Document Builder
NVD
CVSS 3.1
6.5
EPSS
0.2%
EPSS 0% CVSS 5.3
MEDIUM This Month

SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass SAP Document Builder
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

An authenticated attacker can upload malicious file to SAP Document Builder service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

SAP File Upload Document Builder
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy