Due to missing authorization checks in the SAP S/4HANA frontend OData Service (Manage Reference Structures), an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and availability are not impacted.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NSap Manage Reference Structures
APPSapuis4h_109Sap S\/4hana
APPSapwszystkie wersje
Powiązane podatności
SAP CRM / S/4HANA Scripting Editor — nieautoryzowane wykonanie SQL
The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does ...
The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does ...
Due to improper input sanitization, an authenticated user with certain specific privileges can remotely call N...
During authorization checks in SAP Human Capital Management for SAP S/4HANA, the system returns specific messa...