CVE-2023-24524

CVSS 6.5 MEDIUMEPSS 0.5%CWE-862

SAP S/4 HANA Map Treasury Correspondence Format Data does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. This could allow an attacker to delete the data with a high impact to availability.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Produtos afetados

SAP · S/4 HANA (Map Treasury Correspondence Format Data)

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://launchpad.support.sap.com/#/notes/2985905 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html