Authorization Flaw in SAP Create Single Payment Affects User Data Access
CVE-2026-44770
4.3MEDIUM
Key Information:
- Vendor
SAP
- Vendor
- CVE Published:
- 14 July 2026
What is CVE-2026-44770?
The SAP Create Single Payment application contains a vulnerability due to inadequate authorization checks, allowing authenticated yet restricted users to access specific entity set keys. This can potentially lead to the unauthorized disclosure of sensitive information. While the vulnerability impacts the confidentiality of user data, it does not affect the integrity or availability of the application.
Affected Version(s)
SAP S/4 HANA (Create Single Payment) S4CORE 102
SAP S/4 HANA (Create Single Payment) 103
SAP S/4 HANA (Create Single Payment) 104