Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Missing Authorization check in SAP S/4HANA Backend OData Service (Manage Reference Structures)
Vulnerability Description
Due to missing authorization checks in the SAP S/4HANA backend OData Service (Manage Reference Structures), an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and availability are not impacted.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Vulnerability Type
授权机制缺失
Vulnerability Title
SAP S/4HANA OData Service 安全漏洞
Vulnerability Description
SAP S/4HANA OData Service是德国思爱普(SAP)公司的一个企业系统数据接口与服务集成组件。 SAP S/4HANA OData Service存在安全漏洞,该漏洞源于缺少授权检查,可能导致攻击者通过暴露的OData服务未经授权更新和删除子实体。
CVSS Information
N/A
Vulnerability Type
N/A