CVE-2026-24313

MEDIUM WAF: Low

CVSS 5.0 Published: 2026-03-10

CWE-862

SAP Solution Tools Plug-In (ST-PI) contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability.

WAF Coverage Analysis

Missing Authorization Low WAF Coverage

OWASP: A01:2021 Broken Access Control

References

me.sap.com
url.sap

Back to CVE Database