Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.0
SAP Solution Tools Plug-In leaks sensitive system information
CVE-2026-24313
Summary
An authenticated user can access sensitive system details without permission. This could potentially compromise confidentiality. Update SAP Solution Tools Plug-In to the latest version.
Original title
SAP Solution Tools Plug-In (ST-PI) contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vul...
Original description
SAP Solution Tools Plug-In (ST-PI) contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability.
nvd CVSS3.1
5.0
Vulnerability type
CWE-862
Missing Authorization
Published: 10 Mar 2026 · Updated: 13 Mar 2026 · First seen: 11 Mar 2026