How severe is CVE-2024-54198?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.5 out of 10.

What type of vulnerability is CVE-2024-54198?

This is classified as CWE-914, which is a common weakness in software security.

CVE-2024-54198

HIGH Year: 2024

CVSS v3 Score

8.5

High

Weakness Type

CWE-914

View all →

Vulnerability Description

In certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to craft a Remote Function Call (RFC) request to restricted destinations, which can be used to expose credentials for a remote service. These credentials can then be further exploited to completely compromise the remote service, potentially resulting in a significant impact on the confidentiality, integrity, and availability of the application.

CVE-2024-24914

HIGH

CVSS:8.0(High)

Authenticated Gaia users can inject code or commands by global variables through special HTTP requests. A Security fix that mitigates this vulnerability is available.

CWE-9142024

CVE-2023-33175

HIGH

CVSS:7.5(High)

ToUI is a Python package for creating user interfaces (websites and desktop apps) from HTML. ToUI is using Flask-Caching (SimpleCache) to store user variables. Websites that use `Website.user_vars` pr...

CWE-9142023

CVE-2024-24914

HIGH

CVSS:8.0(High)

Authenticated Gaia users can inject code or commands by global variables through special HTTP requests. A Security fix that mitigates this vulnerability is available.

CWE-9142024

CVE-2023-33175

HIGH

CVSS:7.5(High)

CWE-9142023

CVE-2024-54198

Vulnerability Description

Related Vulnerabilities

CVE-2024-24914

CVE-2023-33175

CVE-2024-24914

CVE-2023-33175