CVE-2025-26656
Missing Authorization check in S/4HANA (Manage Purchasing Info Records)
OData Service in Manage Purchasing Info Records does not perform necessary authorization checks for an authenticated user, allowing an attacker to escalate privileges. This has low impact on integrity of the application.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Produtos afetados
SAP_SE · S/4HANA (Manage Purchasing Info Records)Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →