Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Missing Authorization Check in SAP S/4 HANA Private Cloud (Financials General Ledger)
Vulnerability Description
Due to a Missing Authorization Check vulnerability in SAP S/4 HANA Private Cloud (Financials General Ledger), an authenticated attacker with authorization limited to a single company code could read sensitive data and post or modify documents across all company codes. Successful exploitation could result in a high impact to confidentiality and a low impact to integrity, while availability remains unaffected.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Vulnerability Type
不对称的资源消耗(放大攻击)
Vulnerability Title
SAP S/4 HANA 安全漏洞
Vulnerability Description
SAP S/4 HANA是德国思爱普(SAP)公司的一款适用于大型企业的智能化集成式ERP软件。 SAP S/4 HANA Private Cloud存在安全漏洞,该漏洞源于缺少授权检查,可能导致跨公司代码读取敏感数据和修改文档。
CVSS Information
N/A
Vulnerability Type
N/A