CVE-2025-26656
Missing Authorization check in S/4HANA (Manage Purchasing Info Records)
OData Service in Manage Purchasing Info Records does not perform necessary authorization checks for an authenticated user, allowing an attacker to escalate privileges. This has low impact on integrity of the application.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Productos afectados
SAP_SE · S/4HANA (Manage Purchasing Info Records)¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →