Authorization Flaw in SAP MDG Review Match Groups Application by SAP
CVE-2026-44750

4.3MEDIUM

Key Information:

Vendor

SAP

Vendor
CVE Published:
9 June 2026

What is CVE-2026-44750?

The SAP MDG (Review Match Groups Application) lacks adequate authorization checks for authenticated users, allowing lower-privileged users to execute actions that should be restricted. This vulnerability poses risks related to privilege escalation, where users can gain unauthorized access to functions intended for higher-privileged accounts. The impact primarily revolves around integrity issues, as actions can be performed without proper authorization, while confidentiality and availability remain unaffected. Organizations are advised to apply security patches to mitigate this risk.

Affected Version(s)

SAP MDG (Review Match Groups Application) S4CORE 108

SAP MDG (Review Match Groups Application) SAP_BASIS 916

SAP MDG (Review Match Groups Application) SAP_BASIS 917

References

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.