SAP S4CORE OData meta-data property allows an authenticated attacker to access restricted information due to missing authorization check. This could cause a low impact on confidentiality but integrity
SAP S4CORE OData meta-data property is vulnerable to data tampering, due to which entity set could be externally modified by an attacker causing low impact on integrity of the application. Confidentia
SAP Field Logistics Manage Logistics application OData meta-data property is vulnerable to data tampering, due to which certain fields could be externally modified by an attacker causing low impact on
Due to missing authorization checks in the SAP S/4HANA OData Service (Manage Technical Object Structures), an attacker could update and delete child entities via exposed OData services without proper
Due to missing authorization checks in the SAP S/4HANA frontend OData Service (Manage Reference Structures), an attacker could update and delete child entities via exposed OData services without prope
Due to missing authorization checks in the SAP S/4HANA OData Service (Manage Reference Equipment), an attacker could update and delete child entities via OData services without proper authorization. T
Due to missing authorization checks in the SAP S/4HANA backend OData Service (Manage Reference Structures), an attacker could update and delete child entities via exposed OData services without proper
Due to missing authorization check in SAP S/4HANA Condition Maintenance, an authenticated attacker could gain unauthorized access to view and modify condition table records, resulting in low impact on
SAP S4CORE (Manage journal entries) does not perform necessary authorization checks for an authenticated user resulting in escalation of privileges. This has low impact on confidentiality of the appli
Due to a Missing Authorization Check vulnerability in SAP S/4 HANA Private Cloud (Financials General Ledger), an authenticated attacker with authorization limited to a single company code could read s
OData Service in Manage Purchasing Info Records does not perform necessary authorization checks for an authenticated user, allowing an attacker to escalate privileges. This has low impact on integrity
Due to missing authorization check in SAP S/4HANA HCM Portugal and SAP ERP HCM Portugal, a user with high privileges could access sensitive data belonging to another company. This vulnerability has a
Due to missing authorization check in an RFC enabled function module in transaction SDCCN, an authenticated attacker could generate technical meta-data. This leads to a low impact on integrity. There
Due to a missing authorization check in SAP Enterprise Search for ABAP, an attacker with high privileges may read and export the contents of database tables into an ABAP report. This could lead to a h
Due to a missing authorization check in SAP Business Analytics and SAP Content Management, an authenticated user could make unauthorized calls to certain remote function modules, potentially accessing
Due to a missing authorization check vulnerability in SAP S/4HANA (Enterprise Event Enablement), an attacker with access to the Inbound Binding Configuration could create an RFC destination and assign
Due to information disclosure vulnerability in anonymous API provided by SAP Business One (SLD), an attacker with normal user access could gain access to unauthorized information. As a result, it has
Due to missing authorization check in SAP NetWeaver Application Server ABAP and SAP S/4HANA, an authenticated attacker could access a specific transaction code and modify the text data in the system.
SAP Business Warehouse and SAP BW/4HANA BEx Tools allow an authenticated attacker to gain higher access levels than intended by exploiting improper authorization checks. This could potentially impact
Under certain conditions Statutory Reports in SAP S/4 HANA allows an attacker with basic privileges to access information which would otherwise be restricted. The vulnerability could expose internal u
Page 1+ Next →