EUVD-2022-27688

Malicious code in bioql PyPI...

The vulnerability of the Application Business Partner Extension component of the SAP S/4HANA software platform allows attackers to enhance their privileges.

The vulnerability of the Application Business Partner Extension component of the SAP S/4HANA software platform is related to authentication errors. Exploiting this vulnerability can allow attackers to enhance their privileges remotely...

SAP S/4HANA 安全漏洞

SAP S/4HANA is an enterprise resource management software based on the SAP HANA in-memory database system from SAP Germany. SAP S/4HANA is vulnerable to an authorization issue that stems from the application business partner extension component not performing the required authorization checks for...

CVE-2022-22542

S/4HANA Supplier Factsheet exposes the private address and bank details of an Employee Business Partner with Supplier Role, AND Enterprise Search for Customer, Supplier and Business Partner objects exposes the private address fields of Employee Business Partners, to an actor that is not explicitl...

Information disclosure

S/4HANA Supplier Factsheet exposes the private address and bank details of an Employee Business Partner with Supplier Role, AND Enterprise Search for Customer, Supplier and Business Partner objects exposes the private address fields of Employee Business Partners, to an actor that is not explicitl...

CVE-2022-22542

S/4HANA Supplier Factsheet exposes the private address and bank details of an Employee Business Partner with Supplier Role, AND Enterprise Search for Customer, Supplier and Business Partner objects exposes the private address fields of Employee Business Partners, to an actor that is not explicitl...

Authorization

SAP Banking Services Generic Market Data does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. An unauthorized User is allowed to display restricted Business Partner Generic Market Data GMD, due to improper authorization check...

CVE-2020-6298

SAP Banking Services Generic Market Data, versions - 400, 450, 500, allows an unauthorized user to display protected Business Partner Generic Market Data GMD and change related GMD key figure values, due to Missing Authorization Check...

Authorization

SAP Banking Services Generic Market Data, versions - 400, 450, 500, allows an unauthorized user to display protected Business Partner Generic Market Data GMD and change related GMD key figure values, due to Missing Authorization Check...

Cyber Security Index Highlights Political Threats, Business Partner Risk

The first annual Index of Cyber Security finds that senior security officers are more concerned than at this time last year about the risk of cyber attack and other online risks, with concerns about ideologically-motivated hacktivists and the threats posed by business partners and other “counter...