What is CVE-2026-24315?

CVE-2026-24315 is a medium-severity vulnerability, classified under Path Traversal: '.../...//'. CVSS score: 4.2/10. Published 2026-06-09.

How severe is CVE-2026-24315?

Medium severity. CVSS v3 base score is 4.2 out of 10.

CVE-2026-24315

CVE-2026-24315

SAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service calls on the Fiori domain, this when opened by the user could compromise accounts by stealing user credentials. Successful exploitation requires a…

CVSS v3 metric

CVSS v3 base score 4.2 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N.

Weakness classification (CWE)

CWE-35 — Path Traversal: '.../...//'

References

cna@sap.com
cna@sap.com

Frequently asked questions

What is CVE-2026-24315?: CVE-2026-24315 is a medium-severity vulnerability, classified under Path Traversal: '.../...//'. CVSS score: 4.2/10. Published 2026-06-09.
How severe is CVE-2026-24315?: Medium severity. CVSS v3 base score is 4.2 out of 10.