VYPR
Unrated severityNVD Advisory· Published Jul 12, 2022· Updated Aug 3, 2024

CVE-2022-31597

CVE-2022-31597

Description

Within SAP S/4HANA - versions S4CORE 101, 102, 103, 104, 105, 106, SAPSCORE 127, the application business partner extension for Spain/Slovakia does not perform necessary authorization checks for a low privileged authenticated user over the network, resulting in escalation of privileges leading to low impact on confidentiality and integrity of the data.

Affected products

2
  • SAP/S/4HANAllm-fuzzy
    Range: S4CORE 101-106, SAPSCORE 127
  • SAP SE/SAP S/4HANAv5
    Range: S4CORE 101

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.