Remote Function Call Vulnerability in SAP Operational Data Provisioning API
CVE-2026-44754
6.6MEDIUM
What is CVE-2026-44754?
The Remote Function Call modules within the Operational Data Provisioning Data Replication API are lacking caller identification for SAP-internal applications. As a result, customer and third-party applications may exploit the API in ways not aligned with its intended use. This situation can lead to unintentional data disclosures without compromising the integrity of the application or causing significant availability issues.
Affected Version(s)
ODP Data Replication APIs DW4CORE 200
ODP Data Replication APIs 300
ODP Data Replication APIs 400