Vulnerability CVE-2024-41728
Published: 2024-09-10

Description:
Due to missing authorization check, SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker logged in as a developer to read objects contained in a package. This causes an impact on confidentiality, as this attacker would otherwise not have access to view these objects.

Type:

CWE-862

 (Missing Authorization)

 References:
https://me.sap.com/notes/3496410
https://url.sap/sapsecuritypatchday
Copyright 2026, cxsecurity.com

 

Back to Top