Unrated severityNVD Advisory· Published May 9, 2023· Updated Jan 28, 2025

Missing Authorization Check in Vendor Master Hierarchy

CVE-2023-32112

Description

Vendor Master Hierarchy - versions SAP_APPL 500, SAP_APPL 600, SAP_APPL 602, SAP_APPL 603, SAP_APPL 604, SAP_APPL 605, SAP_APPL 606, SAP_APPL 616, SAP_APPL 617, SAP_APPL 618, S4CORE 100, does not perform necessary authorization checks for an authenticated user to access some of its function. This could lead to modification of data impacting the integrity of the system.

Affected products

SAP/Vendor Master Hierarchyllm-create2 versions
SAP_APPL 500, 600, 602, 603, 604, 605, 606, 616, 617, 618; S4CORE 100+ 1 more
- (no CPE)range: SAP_APPL 500, 600, 602, 603, 604, 605, 606, 616, 617, 618; S4CORE 100
- (no CPE)range: SAP_APPL 500

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

launchpad.support.sap.commitre
www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.htmlmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000