Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Missing Authorization Check in SAP Business Warehouse (Process Chains)
Vulnerability Description
SAP Business Warehouse (Process Chains) allows an attacker to manipulate the process execution due to missing authorization check. An attacker with display authorization for the process chain object could set one or all processes to be skipped. This means corresponding activities, such as data loading, activation, or deletion, will not be executed as initially modeled. This could lead to unexpected results in business reporting leading to a significant impact on integrity. However, there is no impact on confidentiality or availability.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Vulnerability Type
授权机制缺失
Vulnerability Title
SAP Business Warehouse 安全漏洞
Vulnerability Description
SAP Business Warehouse是德国思爱普(SAP)公司的用于执行业务流程的关键组件,它允许用户设计、实施和管理业务流程,确保流程的合规性,并通过自动化减少手动操作的需要。 SAP Business Warehouse存在安全漏洞,该漏洞源于缺少授权检查,可能导致攻击者操纵进程执行。
CVSS Information
N/A
Vulnerability Type
N/A