28 matches found
CVE-2023-49058
SAP Master Data Governance File Upload application allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing ‘traverse to parent directory’ are passed through to the file APIs. As a result, it has a low impact to the confidentiality...
EUVD-2020-27399
Malware in sbrugna...
EUVD-2020-27406
Malware in sbrugna...
CVE-2024-24741
SAP Master Data Governance for Material Data - versions 618, 619, 620, 621, 622, 800, 801, 802, 803, 804, does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. This could allow an attacker to read some sensitive information but no impact ...
CVE-2020-6256
SAP Master Data Governance, versions - 748, 749, 750, 751, 752, 800, 801, 802, 803, 804, allows users to display change request details without having required authorizations, due to Missing Authorization Check...
CVE-2020-6249
The use of an admin backend report within SAP Master Data Governance, versions - S4CORE 101, S4FND 102, 103, 104, SAPBSFND 748; allows an attacker to execute crafted database queries, exposing the backend database, leading to SQL Injection...
SAP Master Data Governance Authorization Issues Vulnerability
SAP Master Data Governance is a suite of data management tools from SAP Germany for maintaining, validating, and distributing master data. An authorization issue vulnerability exists in SAP Master Data Governance for Material Data, which stems from a failure to perform the required authorization...
Authorization
SAP Master Data Governance for Material Data - versions 618, 619, 620, 621, 622, 800, 801, 802, 803, 804, does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. This could allow an attacker to read some sensitive information but no impact ...
CVE-2024-24741 Missing Authorization check in SAP Master Data Governance Material
SAP Master Data Governance for Material Data - versions 618, 619, 620, 621, 622, 800, 801, 802, 803, 804, does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. This could allow an attacker to read some sensitive information but no impact ...
CVE-2024-24741
CVE-2024-24741 affects SAP Master Data Governance for Material Data across versions 618, 619, 620, 621, 622, 800, 801, 802, 803, 804. Reported root cause: missing authorization checks for authenticated users, enabling privilege escalation. Impact stated as potential read of some sensitive informa...
CVE-2024-24741 Missing Authorization check in SAP Master Data Governance Material
SAP Master Data Governance for Material Data - versions 618, 619, 620, 621, 622, 800, 801, 802, 803, 804, does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. This could allow an attacker to read some sensitive information but no impact ...
SAP Master Data Governance 安全漏洞
SAP Master Data Governance is a suite of data management tools from SAP Germany for maintaining, validating, and distributing master data. An authorization issue vulnerability exists in SAP Master Data Governance for Material Data, which stems from a failure to perform the required authorization...
SAP Master Data Governance Path Traversal Vulnerability
SAP Master Data Governance is a suite of data management tools from SAP Germany for maintaining, validating, and distributing master data. A path traversal vulnerability exists in SAP Master Data Governance, which stems from insufficient validation of user-supplied path information by the File...
Vulnerabilities fixed in SAP
SAP has fixed vulnerabilities in several products, including. Business Objects, SAP GUI, Master Data Governance, Netweaver and Solution Manager. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: Cross-Site Scripting XSS...
Input validation
SAP Master Data Governance File Upload application allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing ‘traverse to parent directory’ are passed through to the file APIs. As a result, it has a low impact to the confidentiality...
CVE-2023-49058 Directory Traversal vulnerability in SAP Master Data Governance
SAP Master Data Governance File Upload application allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing ‘traverse to parent directory’ are passed through to the file APIs. As a result, it has a low impact to the confidentiality...
CVE-2023-49058
The CVE concerns SAP Master Data Governance File Upload path handling. Affected: SAP Master Data Governance (File Upload) where insufficient validation of user-supplied path information allows traversal characters to reach file APIs. Root cause: directory-traversal due to path validation gaps. Im...
PT-2023-31040 · Sap · Sap Master Data Governance
Name of the Vulnerable Software and Affected Versions: SAP Master Data Governance affected versions not specified Description: The issue allows an attacker to exploit insufficient validation of path information provided by users. This can lead to characters representing 'traverse to parent...
SAP Master Data Governance SQL Injection Vulnerability
SAP Master Data Governance is a suite of data management tools from SAP Germany for maintaining, validating, and distributing master data. A SQL injection vulnerability exists in SAP Master Data Governance. An attacker could exploit this vulnerability by executing specially crafted database query...
Unspecified Vulnerability in SAP Master Data Governance
SAP Master Data Governance is a suite of data management tools from SAP Germany for maintaining, validating, and distributing master data. A security vulnerability exists in SAP Master Data Governance that stems from a lack of authorization checks. An attacker could exploit the vulnerability to...