Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Missing Authorization check in SAP S/4HANA (Manage Central Purchase Contract application)
Vulnerability Description
SAP S/4HANA Manage Central Purchase Contract does not perform necessary authorization checks for an authenticated user. Due to this, an attacker could execute the function import on the entity making it inaccessible for unrestricted user. This has low impact on confidentiality and availability of the application.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
Vulnerability Type
授权机制缺失
Vulnerability Title
SAP S/4HANA Manage Central Purchase Contract 安全漏洞
Vulnerability Description
SAP S/4HANA Manage Central Purchase Contract是德国思爱普(SAP)公司的一个合同管理软件。 SAP S/4HANA Manage Central Purchase Contract存在安全漏洞,该漏洞源于授权检查不足,可能导致执行函数导入。
CVSS Information
N/A
Vulnerability Type
N/A