漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Missing authorization check in SAP Business Workflow
Vulnerability Description
An erroneous authorization check in SAP Business Workflow leads to privilege escalation. An authenticated administrative user can bypass role restrictions by leveraging permissions from a less sensitive function to execute unauthorized, high-privilege actions. This has a high impact on data integrity, with low impact on confidentiality and no impact on availability of the application.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:N
Vulnerability Type
授权机制缺失
Vulnerability Title
SAP Business Workflow 安全漏洞
Vulnerability Description
SAP Business Workflow是德国思爱普(SAP)公司的用于执行业务流程的关键组件,它允许用户设计、实施和管理业务流程,确保流程的合规性,并通过自动化减少手动操作的需要。 SAP Business Workflow存在安全漏洞,该漏洞源于授权检查错误,可能导致权限提升。
CVSS Information
N/A
Vulnerability Type
N/A