CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-24316

SAP NetWeaver Application Server for ABAP provides an ABAP Report for testing purposes, which allows to send HTTP requests to arbitrary internal or external endpoints. The report is therefore vulnerable to Server-Side Request Forgery (SSRF). Successful exploitation could lead to interaction with potentially sensitive internal endpoints, resulting in a low impact on data confidentiality and integrity. There is no impact on availability of the application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 5.8%

CVSS Severity

CVSS v3 Score 6.4

References

Products affected by CVE-2026-24316

Sap » Netweaver Application Server Abap » Version: 740

cpe:2.3:a:sap:netweaver_application_server_abap:740
Sap » Netweaver Application Server Abap » Version: 750

cpe:2.3:a:sap:netweaver_application_server_abap:750
Sap » Netweaver Application Server Abap » Version: 752

cpe:2.3:a:sap:netweaver_application_server_abap:752
Sap » Netweaver Application Server Abap » Version: 753

cpe:2.3:a:sap:netweaver_application_server_abap:753
Sap » Netweaver Application Server Abap » Version: 754

cpe:2.3:a:sap:netweaver_application_server_abap:754
Sap » Netweaver Application Server Abap » Version: 755

cpe:2.3:a:sap:netweaver_application_server_abap:755
Sap » Netweaver Application Server Abap » Version: 756

cpe:2.3:a:sap:netweaver_application_server_abap:756
Sap » Netweaver Application Server Abap » Version: 757

cpe:2.3:a:sap:netweaver_application_server_abap:757
Sap » Netweaver Application Server Abap » Version: 758

cpe:2.3:a:sap:netweaver_application_server_abap:758
Sap » Netweaver Application Server Abap » Version: 816

cpe:2.3:a:sap:netweaver_application_server_abap:816
Sap » Netweaver Application Server Abap » Version: 918

cpe:2.3:a:sap:netweaver_application_server_abap:918

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-24316

Products

Pricing

Contact Us