CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS
Percentile
16.8%
Manage Incoming Payment Files (F1680) of SAP
S/4HANA does not perform necessary authorization checks for an authenticated
user, resulting in escalation of privileges. As a result, it has high impact on
integrity and no impact on the confidentiality and availability of the system.
Vendor | Product | Version | CPE |
---|---|---|---|
sap | s\/4_hana | 103 | cpe:2.3:a:sap:s\/4_hana:103:*:*:*:*:*:*:* |
sap | s\/4_hana | 104 | cpe:2.3:a:sap:s\/4_hana:104:*:*:*:*:*:*:* |
sap | s\/4_hana | 105 | cpe:2.3:a:sap:s\/4_hana:105:*:*:*:*:*:*:* |
sap | s\/4_hana | 106 | cpe:2.3:a:sap:s\/4_hana:106:*:*:*:*:*:*:* |
sap | s\/4_hana | 107 | cpe:2.3:a:sap:s\/4_hana:107:*:*:*:*:*:*:* |
sap | s\/4_hana | 108 | cpe:2.3:a:sap:s\/4_hana:108:*:*:*:*:*:*:* |
sap | s\/4_hana | s4core_102 | cpe:2.3:a:sap:s\/4_hana:s4core_102:*:*:*:*:*:*:* |