CVE-2024-34691 Missing Authorization check in SAP S/4HANA (Manage Incoming Payment Files)

🗓️ 11 Jun 2024 02:22:24Reported by sapType

SAP S/4HANA Missing Authorization Check CVE-2024-34691

Reporter	Title	Published	Views	Family All 8
BDU FSTEC	The vulnerability of the “Manage Incoming Payment Files” component of the SAP S/4HANA software platform allows a perpetrator to compromise the integrity of the protected information.	5 Jul 202400:00	–	bdu_fstec
CNNVD	SAP S/4HANA Security Vulnerabilities	11 Jun 202400:00	–	cnnvd
CVE	CVE-2024-34691	11 Jun 202402:22	–	cve
EUVD	EUVD-2024-34990	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in SAP products	11 Jun 202412:37	–	ncsc
NVD	CVE-2024-34691	11 Jun 202403:15	–	nvd
RedhatCVE	CVE-2024-34691	23 May 202509:49	–	redhatcve
Vulnrichment	CVE-2024-34691 Missing Authorization check in SAP S/4HANA (Manage Incoming Payment Files)	11 Jun 202402:22	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "SAP S/4HANA (Manage Incoming Payment Files)",
    "vendor": "SAP_SE",
    "versions": [
      {
        "status": "affected",
        "version": "S4CORE 102"
      },
      {
        "status": "affected",
        "version": "103"
      },
      {
        "status": "affected",
        "version": "104"
      },
      {
        "status": "affected",
        "version": "105"
      },
      {
        "status": "affected",
        "version": "106"
      },
      {
        "status": "affected",
        "version": "107"
      },
      {
        "status": "affected",
        "version": "108"
      }
    ]
  }
]

Source	Link
support	www.support.sap.com/en/my-support/knowledge-base/security-notes-news.html
me	www.me.sap.com/notes/3466175

11 Jun 2024 02:22Current

CVSS 3.16.5

EPSS0.00282

CWE-862