VYPR
Unrated severityNVD Advisory· Published Jul 11, 2023· Updated Oct 29, 2024

Improper Access Control in SAP S/4HANA (Manage Journal Entry Template)

CVE-2023-35870

Description

When creating a journal entry template in SAP S/4HANA (Manage Journal Entry Template) - versions S4CORE 104, 105, 106, 107, an attacker could intercept the save request and change the template, leading to an impact on confidentiality and integrity of the resource. Furthermore, a standard template could be deleted, hence making the resource temporarily unavailable.

Affected products

2
  • SAP/S/4HANAllm-fuzzy
    Range: S4CORE 104, 105, 106, 107
  • SAP_SE/SAP S/4HANA (Manage Journal Entry Template)v5
    Range: S4CORE 104

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.