CVE-2026-24313

Description

SAP Solution Tools Plug-In (ST-PI) contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability.

References

https://url.sap/sapsecuritypatchday

https://me.sap.com/notes/3707930

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3

EPSS