CVE-2025-42876
Missing Authorization Check in SAP S/4 HANA Private Cloud (Financials General Ledger)
Due to a Missing Authorization Check vulnerability in SAP S/4 HANA Private Cloud (Financials General Ledger), an authenticated attacker with authorization limited to a single company code could read sensitive data and post or modify documents across all company codes. Successful exploitation could result in a high impact to confidentiality and a low impact to integrity, while availability remains unaffected.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Productos afectados
SAP_SE · SAP S/4 HANA Private Cloud (Financials General Ledger)¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →