Lucene search

CVE-2023-24524

🗓️ 14 Feb 2023 04:12:15Reported by sapType

SAP S/4 HANA Map Treasury Correspondence Format Data does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. This could allow an attacker to delete the data with a high impact to availability

Reporter	Title	Published	Views	Family All 4
Cvelist	CVE-2023-24524	14 Feb 202303:17	–	cvelist
NVD	CVE-2023-24524	14 Feb 202304:15	–	nvd
Vulnrichment	CVE-2023-24524	14 Feb 202303:17	–	vulnrichment
Prion	Authorization	14 Feb 202304:15	–	prion

Nvd

Node

sap s\/4hanaMatch104

sap s\/4hanaMatch105

[
  {
    "defaultStatus": "unaffected",
    "product": "S/4 HANA (Map Treasury Correspondence Format Data)",
    "vendor": "SAP",
    "versions": [
      {
        "status": "affected",
        "version": "104"
      },
      {
        "status": "affected",
        "version": "105"
      }
    ]
  }
]

Source	Link
launchpad	www.launchpad.support.sap.com/
sap	www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

14 Feb 2023 04:15Current

6.5Medium risk

Vulners AI Score6.5

CVSS36.5

EPSS0.00266

SSVC

CWE-862