{"cve":{"cve_id":"CVE-2024-34692","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.0018,"epss_percentile":0.0771,"epss_as_of":"2026-06-23","description":"Due to missing verification of file type or\ncontent, SAP Enable Now allows an authenticated attacker to upload arbitrary\nfiles. These files include executables which might be downloaded and executed\nby the user which could host malware. On successful exploitation an attacker\ncan cause limited impact on confidentiality and Integrity of the application.","published_at":"2024-07-09T04:43:05.361000Z","last_modified_at":null,"cvss_v3_score":3.3,"cvss_v3_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N","cvss_v3_severity":"LOW","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":"none","ssvc_automatable":false,"ssvc_technical_impact":"partial","cwes":["CWE-434"],"nvd_references":["https://url.sap/sapsecuritypatchday","https://me.sap.com/notes/3476340"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-29T02:00:20.813544Z"},"effective_severity":"LOW","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"L","value_label":"Local"},{"metric":"AC","name":"Attack Complexity","value":"H","value_label":"High"},{"metric":"PR","name":"Privileges Required","value":"L","value_label":"Low"},{"metric":"UI","name":"User Interaction","value":"R","value_label":"Required"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"L","value_label":"Low"},{"metric":"I","name":"Integrity","value":"L","value_label":"Low"},{"metric":"A","name":"Availability","value":"N","value_label":"None"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"sap-se","vendor_name":"SAP_SE","product_slug":"sap-enable-now","product_name":"SAP Enable Now","version_start":"WPB_MANAGER_CE 10","version_start_inclusive":true,"version_end":"WPB_MANAGER_CE 10","version_end_inclusive":true,"cpe23_uri":"cve5:sap-se:sap-enable-now:WPB_MANAGER_CE 10:WPB_MANAGER_CE 10"},{"vendor_slug":"sap-se","vendor_name":"SAP_SE","product_slug":"sap-enable-now","product_name":"SAP Enable Now","version_start":"WPB_MANAGER_HANA 10","version_start_inclusive":true,"version_end":"WPB_MANAGER_HANA 10","version_end_inclusive":true,"cpe23_uri":"cve5:sap-se:sap-enable-now:WPB_MANAGER_HANA 10:WPB_MANAGER_HANA 10"},{"vendor_slug":"sap-se","vendor_name":"SAP_SE","product_slug":"sap-enable-now","product_name":"SAP Enable Now","version_start":"ENABLE_NOW_CONSUMP_DEL 1704","version_start_inclusive":true,"version_end":"ENABLE_NOW_CONSUMP_DEL 1704","version_end_inclusive":true,"cpe23_uri":"cve5:sap-se:sap-enable-now:ENABLE_NOW_CONSUMP_DEL 1704:ENABLE_NOW_CONSUMP_DEL 1704"}],"exploit_refs":[],"news":[],"references":[{"url":"https://url.sap/sapsecuritypatchday","source_type":"MISC","tags":["patch"]},{"url":"https://me.sap.com/notes/3476340","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2024-07-09T04:43:05.361000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:35:56.094721Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:35:56.094721Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:35:56.094721Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"ssvc_changed","at":"2026-06-29T02:00:20.813544Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T02:00:20.813544Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T02:00:20.813544Z","label":"SSVC decision revised","source":"vulnrichment"}]}