CVE-2024-41737

MEDIUM Year: 2024
CVSS v3 Score
5.0
Medium
Weakness Type
CWE-918
View all →

Vulnerability Description

SAP CRM ABAP (Insights Management) allows an authenticated attacker to enumerate HTTP endpoints in the internal network by specially crafting HTTP requests. On successful exploitation this can result in information disclosure. It has no impact on integrity and availability of the application.

Related Vulnerabilities

CVE-2018-20497

MEDIUM
CVSS:5.0(Medium)

An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows SSRF.

CWE-9182018

CVE-2019-1679

MEDIUM
CVSS:5.0(Medium)

A vulnerability in the web interface of Cisco TelePresence Conductor, Cisco Expressway Series, and Cisco TelePresence Video Communication Server (VCS) Software could allow an authenticated, remote att...

CWE-9182019

CVE-2020-12644

MEDIUM
CVSS:5.0(Medium)

OX App Suite 7.10.3 and earlier allows SSRF, related to the mail account API and the /folder/list API.

CWE-9182020

CVE-2020-15002

MEDIUM
CVSS:5.0(Medium)

OX App Suite through 7.10.3 allows SSRF via the the /ajax/messaging/message message API.

CWE-9182020

CVE-2020-36232

MEDIUM
CVSS:5.0(Medium)

The MessageBundleWhiteList class of atlassian-gadgets before version 4.2.37, from version 4.3.0 before 4.3.14, from version 4.3.2.0 before 4.3.2.4, from version 4.4.0 before 4.4.12, and from version 5...

CWE-9182020