CVE-2024-21734

Description

SAP Marketing (Contacts App) - version 160, allows an attacker with low privileges to trick a user to open malicious page which could lead to a very convincing phishing attack with low impact on confidentiality and integrity of the application.

CVSS Version 3.1

nvd
CVE ID: CVE-2024-21734
Base Score: 5.4
Base Severity: MEDIUM
Vector String:CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Impact Score: 2.7
Exploitability Score: 2.3

sap
CVE ID: CVE-2024-21734
Base Score: 3.7
Base Severity: LOW
Vector String:CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
Impact Score: 2.5
Exploitability Score: 1.2

Refrence: NVD MITRE

Description​

Description