CVE-2024-25642
CVE-2024-25642 is a high-severity vulnerability in Sap Cloud Connector with a CVSS 3.x base score of 7.4. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-295.
Key facts
- Severity: High (CVSS 3.x base score 7.4)
- EPSS exploit prediction: 1% (42nd percentile)
- Actively exploited: Not listed in CISA KEV
- EU (EUVD) id: EUVD-2024-22958
- Weakness: CWE-295
- Affected product: Sap Cloud Connector
- Published:
- Last modified:
Description
Due to improper validation of certificate in SAP Cloud Connector - version 2.0, attacker can impersonate the genuine servers to interact with SCC breaking the mutual authentication. Hence, the attacker can intercept the request to view/modify sensitive information. There is no impact on the availability of the system.
Frequently asked questions
- What is CVE-2024-25642?
- Due to improper validation of certificate in SAP Cloud Connector - version 2.0, attacker can impersonate the genuine servers to interact with SCC breaking the mutual authentication. Hence, the attacker can intercept the request to view/modify sensitive information. There is no impact on the availability of the system.
- How severe is CVE-2024-25642?
- CVE-2024-25642 has a CVSS 3.x base score of 7.4, rated high severity. It is exploitable over network with high attack complexity, requires no privileges and no user interaction. Impact on confidentiality is high, integrity high, and availability none.
- Is CVE-2024-25642 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 1% (42nd percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2024-25642?
- CVE-2024-25642 affects Sap Cloud Connector. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2024-25642?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its high severity, prioritise patching exposed systems.
- Does CVE-2024-25642 have an EU (EUVD) identifier?
- Yes. CVE-2024-25642 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2024-22958.
- When was CVE-2024-25642 published?
- CVE-2024-25642 was published on 2024-02-13 and last updated on 2026-06-17.
References
- http://seclists.org/fulldisclosure/2024/May/26
- https://me.sap.com/notes/3424610
- https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
Affected products (1)
- cpe:2.3:a:sap:cloud_connector:2.0:*:*:*:*:*:*:*
More vulnerabilities in Sap Cloud Connector
- CVE-2019-0247 — Critical (CVSS 9.8): SAP Cloud Connector, before version 2.11.3, allows an attacker to inject code that can be executed by the application.…
- CVE-2019-0246 — Critical (CVSS 9.8): SAP Cloud Connector, before version 2.11.3, does not perform any authentication checks for functionalities that require…
- CVE-2021-33695 — Critical (CVSS 9.1): Potentially, SAP Cloud Connector, version - 2.0 communication with the backend is accepted without sufficient…
- CVE-2021-33692 — High (CVSS 7.5): SAP Cloud Connector, version - 2.0, allows the upload of zip files as backup. This backup file can be tricked to inject…
- CVE-2021-33693 — Medium (CVSS 6.8): SAP Cloud Connector, version - 2.0, allows an authenticated administrator to modify a configuration file to inject…
- CVE-2021-33694 — Medium (CVSS 4.8): SAP Cloud Connector, version - 2.0, does not sufficiently encode user-controlled inputs, allowing an attacker with…
All CVEs affecting Sap Cloud Connector →
Other CWE-295 (Improper Certificate Validation) vulnerabilities
- CVE-2026-4370 — Critical (CVSS 10.0): A vulnerability was identified in Juju from version 3.2.0 until 3.6.19 and from version 4.0 until 4.0.4, where the…
- CVE-2026-30836 — Critical (CVSS 10.0): Step CA is an online certificate authority for secure, automated certificate management for DevOps. Versions 0.30.0-rc6…
- CVE-2025-68121 — Critical (CVSS 10.0): During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between…
- CVE-2022-20703 — Critical (CVSS 10.0): Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker…
- CVE-2021-1471 — Critical (CVSS 9.9): Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms…
- CVE-2026-20184 — Critical (CVSS 9.8): A vulnerability in the integration of single sign-on (SSO) with Control Hub in Cisco Webex Services could have allowed…
Browse all CWE-295 (Improper Certificate Validation) vulnerabilities →