Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Information Disclosure vulnerability in SAP S/4HANA (Private Cloud & On-Premise)
Vulnerability Description
SAP S/4 HANA allows an authenticated attacker with user privileges to configure a field not intended for their access and create a custom UI layout displaying this field. On performing this step the attacker could gain access to highly sensitive information. This could cause a high impact on confidentiality and minimal impact on integrity and availability of the application.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L
Vulnerability Type
暴露危险的方法或函数
Vulnerability Title
SAP S/4 HANA 安全漏洞
Vulnerability Description
SAP S/4 HANA是德国思爱普(SAP)公司的一款适用于大型企业的智能化集成式ERP软件。 SAP S/4 HANA存在安全漏洞,该漏洞源于权限管理不当,可能导致敏感信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A