CVE-2026-24316
Server-Side Request Forgery (SSRF) in SAP NetWeaver Application Server for ABAP
SAP NetWeaver Application Server for ABAP provides an ABAP Report for testing purposes, which allows to send HTTP requests to arbitrary internal or external endpoints. The report is therefore vulnerable to Server-Side Request Forgery (SSRF). Successful exploitation could lead to interaction with potentially sensitive internal endpoints, resulting in a low impact on data confidentiality and integrity. There is no impact on availability of the application.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Productos afectados
SAP_SE · SAP NetWeaver Application Server for ABAP¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →