What is CVE-2024-47577?

CVE-2024-47577 is a low-severity vulnerability in Sap_se Sap Commerce Cloud, classified under Cleartext Transmission of Sensitive Information. CVSS score: 2.7/10. Published 2024-12-10.

How severe is CVE-2024-47577?

Low severity. CVSS v3 base score is 2.7 out of 10.

Vulnerability in Sap_se Sap Commerce Cloud

CVE-2024-47577

Webservice API endpoints for Assisted Service Module within SAP Commerce Cloud has information disclosure vulnerability. When an authorized agent searches for customer to manage their accounts, the request url includes customer data and it…

EPSS: 0.000 (15.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 2.7 (Low). Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N.

Affected products

Sap_se Sap Commerce Cloud — versions HY_COM 2205, COM_CLOUD 2211

Weakness classification (CWE)

CWE-319 — Cleartext Transmission of Sensitive Information

References

me.sap.com/notes/3535451
url.sap/sapsecuritypatchday

Frequently asked questions

What is CVE-2024-47577?: CVE-2024-47577 is a low-severity vulnerability in Sap_se Sap Commerce Cloud, classified under Cleartext Transmission of Sensitive Information. CVSS score: 2.7/10. Published 2024-12-10.
How severe is CVE-2024-47577?: Low severity. CVSS v3 base score is 2.7 out of 10.