VYPR
Unrated severityNVD Advisory· Published Sep 12, 2023· Updated Sep 26, 2024

Insecure Direct Object Reference (IDOR) vulnerability in S4 HANA (Manage checkbook apps)

CVE-2023-41368

Description

The OData service of the S4 HANA (Manage checkbook apps) - versions 102, 103, 104, 105, 106, 107, allows an attacker to change the checkbook name by simulating an update OData call.

Affected products

2
  • SAP/S/4HANAllm-create
    Range: = 102, 103, 104, 105, 106, 107
  • SAP_SE/S4 HANA ABAP (Manage checkbook apps)v5
    Range: 102

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.