How severe is CVE-2024-47576?

This vulnerability has a severity rating of LOW with a CVSS score of 3.3 out of 10.

What type of vulnerability is CVE-2024-47576?

This is classified as CWE-427, which is a common weakness in software security.

CVE-2024-47576 - LOW Severity | CVSS 3.3

Vulnerability Description

SAP Product Lifecycle Costing Client (versions below 4.7.1) application loads on demand a DLL that is available with Windows OS. This DLL is loaded from the computer running SAP Product Lifecycle Costing Client application. That particular DLL could be replaced by a malicious one, that could execute commands as being part of SAP Product Lifecycle Costing Client Application. On a successful attack, it can cause a low impact to confidentiality but no impact to the integrity and availability of the application.

Related Vulnerabilities

CVE-2023-51710

MEDIUM

CVSS:4.2(Medium)

EMS SQL Manager 3.6.2 (build 55333) for Oracle allows DLL hijacking: a user can trigger the execution of arbitrary code every time the product is executed.

CWE-4272023

CVE-2022-44744

LOW

CVSS:2.2(Low)

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107.

CWE-4272022

CVE-2020-5324

MEDIUM

CVSS:4.4(Medium)

Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability. The vulnerability is limited to the Dell Firmware Update Utility during the time window while being exe...

CWE-4272020

CVE-2018-12163

MEDIUM

CVSS:4.8(Medium)

A DLL injection vulnerability in the Intel IoT Developers Kit 4.0 installer may allow an authenticated user to potentially escalate privileges using file modification via local access.

CWE-4272018

CVE-2019-1794

MEDIUM

CVSS:5.1(Medium)

A vulnerability in the search path processing of Cisco Directory Connector could allow an authenticated, local attacker to load a binary of their choosing. The vulnerability is due to uncontrolled sea...

CWE-4272019

CVE-2017-3090

CRITICAL

CVSS:9.8(Critical)

Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The vulnerability is due to unsafe library loading of browser related library extensions in the ins...

CWE-4272017