Insufficient Authorization Checks in SAP S/4HANA Allow Escalation of Privileges
CVE-2024-30216

Currently unrated

Key Information:

Vendor
SAP
Vendor
CVE Published:
9 April 2024

Summary

Cash Management in SAP S/4 HANA does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. By exploiting this vulnerability, attacker can add notes in the review request with 'completed' status affecting the integrity of the application. Confidentiality and Availability are not impacted.

References

Timeline

  • Vulnerability published

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.