CVE-2025-23188 Missing Authorization check in SAP S/4HANA (RBD)

🗓️ 11 Mar 2025 00:32:01Reported by sapType

Missing authorization check in SAP S/4HANA allows low privilege users unauthorized access.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2025-23188	11 Mar 202502:40	–	circl
CNNVD	SAP S/4HANA 安全漏洞	11 Mar 202500:00	–	cnnvd
CNVD	Unspecified Vulnerability in SAP S/4HANA (CNVD-2025-08314)	27 Mar 202500:00	–	cnvd
CVE	CVE-2025-23188	11 Mar 202500:32	–	cve
EUVD	EUVD-2025-7621	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in SAP software	11 Mar 202512:20	–	ncsc
NVD	CVE-2025-23188	11 Mar 202501:15	–	nvd
RedhatCVE	CVE-2025-23188	13 Mar 202518:12	–	redhatcve
Vulnrichment	CVE-2025-23188 Missing Authorization check in SAP S/4HANA (RBD)	11 Mar 202500:32	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "SAP S/4HANA (RBD)",
    "vendor": "SAP_SE",
    "versions": [
      {
        "status": "affected",
        "version": "S4CORE 102"
      },
      {
        "status": "affected",
        "version": "103"
      },
      {
        "status": "affected",
        "version": "104"
      },
      {
        "status": "affected",
        "version": "105"
      },
      {
        "status": "affected",
        "version": "106"
      },
      {
        "status": "affected",
        "version": "107"
      },
      {
        "status": "affected",
        "version": "108"
      },
      {
        "status": "affected",
        "version": "EA-FINSERV 618"
      },
      {
        "status": "affected",
        "version": "EA-FINSERV 800"
      }
    ]
  }
]

Source	Link
url	www.url.sap/sapsecuritypatchday
me	www.me.sap.com/notes/3557131

11 Mar 2025 00:32Current

CVSS 3.14.3

EPSS0.00225

CWE-862