Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Missing Authorization Check in SAP S/4HANA (Manage Processing Rules - For Bank Statement)
Vulnerability Description
SAP Manage Processing Rules (For Bank Statement) allows an attacker with basic privileges to edit shared rules of any user by tampering the request parameter. Due to missing authorization check, the attacker can edit rules that should be restricted, compromising the integrity of the application.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
授权机制缺失
Vulnerability Title
SAP Manage Processing Rules 安全漏洞
Vulnerability Description
SAP Manage Processing Rules是德国思爱普(SAP)公司的一个管理系统。 SAP Manage Processing Rules存在安全漏洞,该漏洞源于授权检查不足,可能导致编辑共享规则。
CVSS Information
N/A
Vulnerability Type
N/A