CVE-2024-21735 HIGH

CVE-2024-21735: Improper Authorization check in SAP LT Replication Server

Vendor Sap_Se

Product SAP LT Replication Server

Weakness CWE-863 · Incorrect authorization

Published January 9, 2024

Last update June 17, 2025

View on NVD All CVEs

CVSS base score

7.3/10

Attack vector Adjacent

Attack complexity High

Privileges required High

User interaction Required

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

SAP LT Replication Server - version S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107, S4CORE 108, does not perform necessary authorization checks. This could allow an attacker with high privileges to perform unintended actions, resulting in escalation of privileges, which has High impact on confidentiality, integrity and availability of the system.

Key dates

02Disclosure timeline

January 9, 2024 CVE published

June 17, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2024-21735 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/863.html

Related vulnerabilities

Identifiers

CVE CVE-2024-21735

CWE CWE-863

CVSS 7.3 / HIGH

Affected versions

Vendor Sap_Se

Product SAP LT Replication Server

Affected S4CORE 103

Vendor Sap_Se

Product SAP LT Replication Server

Affected S4CORE 104

Vendor Sap_Se

Product SAP LT Replication Server

Affected S4CORE 105

Vendor Sap_Se

Product SAP LT Replication Server

Affected S4CORE 106

Vendor Sap_Se

Product SAP LT Replication Server

Affected S4CORE 107

Vendor Sap_Se

Product SAP LT Replication Server

Affected S4CORE 108

CVE-2024-21735: Improper Authorization check in SAP LT Replication Server

01Description

02Disclosure timeline

03References

04Related CVE