Lucene search
K

13 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:27 p.m.11 views

CVE-2026-40133

Due to missing authorization check in SAP S/4HANA Condition Maintenance, an authenticated attacker could gain unauthorized access to view and modify condition table records, resulting in low impact on the confidentiality and integrity of the data. Additionally, this vulnerability may prevent the...

6.3CVSS5.5AI score0.00216EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/14 12:6 a.m.2 views

CVE-2026-27673 Missing Authorization Check in SAP S/4HANA (Private Cloud and On-Premise)

Due to a missing authorization check, SAP S/4HANA Private Cloud and On-Premise allows an authenticated user to delete files on the operating system and gain unauthorized control over file operations which could leads to no impact on Confidentiality, Low impact on Integrity and Availability of the...

4.9CVSS5.8AI score0.00158EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.9 views

SAP S/4HANA OData Service 安全漏洞

The SAP S/4HANA OData Service is an enterprise system data interface and service integration component provided by SAP, a German company. There is a security vulnerability in the SAP S/4HANA OData Service Manage Reference Equipment, which stems from the lack of authorization checks. This...

6.5CVSS5.8AI score0.00181EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/10 3:1 a.m.30 views

CVE-2026-0488 Code Injection vulnerability in SAP CRM and SAP S/4HANA (Scripting Editor)

An authenticated attacker in SAP CRM and SAP S/4HANA Scripting Editor could exploit a flaw in a generic function module call and execute unauthorized critical functionalities, which includes the ability to execute an arbitrary SQL statement. This leads to a full database compromise with high impa...

9.9CVSS0.0049EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.10 views

PT-2026-2334

Name of the Vulnerable Software and Affected Versions SAP S/4HANA Private Cloud and On-Premise affected versions not specified Description The software contains a flaw in a function module exposed via Remote Function Call RFC. An attacker with administrative privileges can exploit this to inject...

9.1CVSS6.2AI score0.00409EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2025/05/22 5:30 p.m.6 views

CVE-2020-6184

Under certain conditions, ABAP Online Community in SAP NetWeaver SAPBASIS version 7.40 and SAP S/4HANA SAPBASIS versions 7.50, 7.51, 7.52, 7.53, 7.54, does not sufficiently encode user-controlled inputs, resulting in Reflected Cross-Site Scripting XSS vulnerability...

6.1CVSS6AI score0.00963EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/06/11 12:0 a.m.3 views

SAP S/4HANA Security Vulnerabilities

SAP S/4HANA is an enterprise resource management software based on the SAP HANA in-memory database system from SAP, Germany. A security vulnerability exists in SAP S/4HANA that stems from a failure to perform the required authorization checks for authenticated users, which could result in privile...

6.5CVSS6.7AI score0.00282EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.6 views

SAP S/4 HANA 安全漏洞

SAP S/4 HANA is an intelligent, integrated ERP software for large enterprises from SAP, a German company. A security vulnerability exists in SAP S/4 HANA that stems from not performing the required authorization checks on authenticated users, which can lead to privilege escalation...

4.3CVSS6.6AI score0.00318EPSS
Exploits0References4
OSV
OSV
added 2023/09/12 2:15 a.m.3 views

CVE-2023-41368

The OData service of the S4 HANA Manage checkbook apps - versions 102, 103, 104, 105, 106, 107, allows an attacker to change the checkbook name by simulating an update OData call...

5.3CVSS6.1AI score0.00367EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/02/14 12:0 a.m.3 views

SAP S/4 HANA 安全漏洞

SAP S/4 HANA is an intelligent, integrated ERP software for large enterprises from SAP, Germany. A security vulnerability exists in SAP S/4 HANA Map Treasury Correspondence Format Data, which stems from a lack of authorization checks for users. An attacker could exploit the vulnerability to eleva...

6.5CVSS6.5AI score0.00524EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/07/12 9:15 p.m.2 views

CVE-2022-32248

Due to missing input validation in the Manage Checkbooks component of SAP S/4HANA - version 101, 102, 103, 104, 105, 106, an attacker could insert or edit the value of an existing field in the database. This leads to an impact on the integrity of the data...

5.3CVSS5.4AI score0.00617EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2022/07/12 12:0 a.m.5 views

SAP S/4HANA 安全漏洞

SAP S/4HANA is an enterprise resource management software based on the SAP HANA in-memory database system from SAP Germany. SAP S/4HANA is vulnerable to an authorization issue that stems from the application business partner extension component not performing the required authorization checks for...

5.5CVSS5.6AI score0.00414EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/01/14 8:15 p.m.10 views

CVE-2022-22530

The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to inject dangerous content or malicious code which could result in critical information being...

8.1CVSS7.3AI score0.00935EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder