Vulnerabilities

CVE-2024-25642

by Fred · 13/02/2024

Due to improper validation of certificate in SAP Cloud Connector – version 2.0, attacker can impersonate the genuine servers to interact with SCC breaking the mutual authentication. Hence, the attacker can intercept the request to view/modify sensitive information. There is no impact on the availability of the system.

More information : http://seclists.org/fulldisclosure/2024/May/26

Similar

Tags: Cybersecurity Alert