SAP Just In Time(JIT) does not perform necessary authorization checks for an authenticated user, allowing attacker to escalate privileges that would otherwise be restricted, potentially causing a low
SAP HCM Approve Timesheets Version 4 application does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.There is low impact on integrity of th
UI synchronization issue in the Just-in-Time (JIT) access request approval interface in Devolutions Server 2025.2.4.0 and earlier allows a remote authenticated attacker to gain unauthorized access to
SAP Service Parts Management (SPM) does not perform necessary authorization checks for an authenticated user, allowing an attacker to escalate privileges. This has low impact on Confidentiality, integ
SAP Service Parts Management (SPM) does not perform necessary authorization checks for an authenticated user, allowing an attacker to escalate privileges. This has low impact on confidentiality, integ
SAP Netweaver System Configuration does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This could completely compromise the integrity and
An obsolete functionality in SAP NetWeaver Application Server ABAP did not perform necessary authorization checks. Because of this, an authenticated attacker could obtain information that would otherw
Due to a missing authorization check in SAP NetWeaver Application server for ABAP, an authenticated user with high privileges could exploit the insufficient validation of user permissions to access se
Elements of PDCE does not perform necessary
authorization checks for an authenticated user, resulting in escalation of
privileges.
This
allows an attacker to read sensitive information causing high
SAP S4CORE (Manage journal entries) does not perform necessary authorization checks for an authenticated user resulting in escalation of privileges. This has low impact on confidentiality of the appli
RFC inbound processing�does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation the attacker could critically impact
Due to missing authorization checks, SAP Enable
Now allows an author to escalate privileges to access information which should
otherwise be restricted. On successful exploitation, the attacker can cau
Due to the missing authorization checks in the
local systems, the admin users of SAP Web Dispatcher, SAP NetWeaver Application
Server (ABAP and Java), and SAP Content Server can impersonate other user
An erroneous authorization check in SAP Business Workflow leads to privilege escalation. An authenticated administrative user can bypass role restrictions by leveraging permissions from a less sensiti
Due to missing authorization checks, SAP HCM My Timesheet Fiori 2.0 application allows an authenticated attacker with in-depth system knowledge to escalate privileges and perform activities that are o
Due to missing authorization checks, SAP HCM My Timesheet Fiori 2.0 application allows an authenticated attacker with in-depth system knowledge to escalate privileges and perform activities that are o
Due to a missing authorization check in SAP ERP and SAP S/4HANA (Private Cloud and On-Premise), an authenticated attacker could execute a particular ABAP report to overwrite any existing eight?charact
SAP NetWeaver allows an attacker to bypass authorization checks, enabling them to view portions of ABAP code that would normally require additional validation. Once logged into the ABAP system, the at
Under certain conditions, SAP Landscape Transformation's PCL Basis module does not perform the necessary authorization checks, allowing authenticated users to access restricted functionalities or data
SAP Business Warehouse and SAP BW/4HANA BEx Tools allow an authenticated attacker to gain higher access levels than intended by exploiting improper authorization checks. This could potentially impact
Page 1+ Next →