Design/Logic Flaw

2021-09-1412:15:00

PRIOn knowledge base

www.prio-n.com

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.9%

JSON

SAP ERP Financial Accounting (RFOPENPOSTING_FR) versions - SAP_APPL - 600, 602, 603, 604, 605, 606, 616, SAP_FIN - 617, 618, 700, 720, 730, SAPSCORE - 125, S4CORE, 100, 101, 102, 103, 104, 105, allows a registered attacker to invoke certain functions that would otherwise be restricted to specific users. These functions are normally exposed over the network and once exploited the attacker may be able to view and modify financial accounting data that only a specific user should have access to.

CPENameOperatorVersion
erp_financial_accountingeq602
erp_financial_accountingeq603
erp_financial_accountingeq604
erp_financial_accountingeq605
erp_financial_accountingeq606
erp_financial_accountingeq616
erp_financial_accountingeq0.0.0-sapfin617
erp_financial_accountingeq618
erp_financial_accountingeq700
erp_financial_accountingeq720

Name	Operator	Version
erp_financial_accounting	eq	602
erp_financial_accounting	eq	603
erp_financial_accounting	eq	604
erp_financial_accounting	eq	605
erp_financial_accounting	eq	606
erp_financial_accounting	eq	616
erp_financial_accounting	eq	0.0.0-sapfin617
erp_financial_accounting	eq	618
erp_financial_accounting	eq	700
erp_financial_accounting	eq	720