Lucene search
K

7 matches found

BDU FSTEC
BDU FSTEC
added 2025/04/01 12:0 a.m.8 views

The vulnerability of the “Manage Bank Statements” component of the SAP S/4HANA software platform allows a perpetrator to influence the integrity of the protected information.

The vulnerability of the “Manage Bank Statements” component of the SAP S/4HANA software platform involves bypassing authentication using a key controlled by the user. Exploiting this vulnerability could allow an attacker, operating remotely, to compromise the integrity of the protected informatio...

4.3CVSS5.5AI score0.00252EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/03/11 12:39 a.m.5 views

CVE-2025-27436 Broken Access Control vulnerabilities in SAP S/4HANA (Manage Bank Statements)

The Manage Bank Statements in SAP S/4HANA does not perform required access control checks for an authenticated user to confirm whether a request to interact with a resource is legitimate, allowing the attacker to delete the attachment of a posted bank statement. This leads to a low impact on...

4.3CVSS7AI score0.00225EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/11 12:38 a.m.13 views

CVE-2025-27433 Broken Access Control vulnerabilities in SAP S/4HANA (Manage Bank Statements)

The Manage Bank Statements in SAP S/4HANA allows authenticated attacker to bypass certain functionality restrictions of the application and upload files to a reversed bank statement. This vulnerability has a low impact on the application's integrity, with no effect on confidentiality and...

4.3CVSS0.00252EPSS
Exploits0References2
OSV
OSV
added 2024/10/08 4:15 a.m.7 views

CVE-2024-45282

Fields which are in 'read only' state in Bank Statement Draft in Manage Bank Statements application, could be modified by MERGE method. The property of an OData entity representing assumably immutable method is not protected against external modifications leading to integrity violations...

5.3CVSS5.8AI score0.00293EPSS
Exploits0References2
NVD
NVD
added 2024/10/08 4:15 a.m.15 views

CVE-2024-45282

Fields which are in 'read only' state in Bank Statement Draft in Manage Bank Statements application, could be modified by MERGE method. The property of an OData entity representing assumably immutable method is not protected against external modifications leading to integrity violations...

5.3CVSS0.00293EPSS
Exploits0References2
CVE
CVE
added 2024/10/08 3:21 a.m.53 views

CVE-2024-45282

CVE-2024-45282 affects SAP S/4HANA, specifically the Manage Bank Statements component and its Bank Statement Draft. Fields in the read-only state can be modified via the MERGE method, leading to integrity violations in an OData entity. Root cause: lack of protection against external modifications...

5.3CVSS4.8AI score0.00293EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/08 3:21 a.m.11 views

CVE-2024-45282 HTTP Verb Tampering in SAP S/4 HANA(Manage Bank Statements)

Fields which are in 'read only' state in Bank Statement Draft in Manage Bank Statements application, could be modified by MERGE method. The property of an OData entity representing assumably immutable method is not protected against external modifications leading to integrity violations...

4.3CVSS7AI score0.00293EPSS
Exploits0References2
Rows per page
Query Builder