Vulnerabilities > CVE-2024-44112 - Missing Authorization vulnerability in SAP OIL %/ GAS
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
LOW Availability impact
NONE Summary
Due to missing authorization check in SAP for Oil & Gas (Transportation and Distribution), an attacker authenticated as a non-administrative user could call a remote-enabled function which will allow them to delete non-sensitive entries in a user data table. There is no effect on confidentiality or availability.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 15 |