5 matches found
CVE-2025-42991
SAP S/4HANA Bank Account Application does not perform necessary authorization checks. This allows an authenticated 'approver' user to delete attachment from bank account application of other user, leading to a low impact on integrity, with no impact on the confidentiality of the data or the...
CVE-2025-42991
creationtimestamp| type| source ---|---|--- 2025-06-10 03:05:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lr7vwkdvy72m...
CVE-2025-42991 Missing Authorization check in SAP S/4HANA (Bank Account Application)
SAP S/4HANA Bank Account Application does not perform necessary authorization checks. This allows an authenticated 'approver' user to delete attachment from bank account application of other user, leading to a low impact on integrity, with no impact on the confidentiality of the data or the...
CVE-2025-42991 Missing Authorization check in SAP S/4HANA (Bank Account Application)
SAP S/4HANA Bank Account Application does not perform necessary authorization checks. This allows an authenticated 'approver' user to delete attachment from bank account application of other user, leading to a low impact on integrity, with no impact on the confidentiality of the data or the...
CVE-2025-42991
SAP S/4HANA Bank Account Application is affected by a Missing Authorization check vulnerability. An authenticated "+approver" user can delete attachments from another user’s bank account application, causing low integrity impact (no confidentiality or availability impact). Root cause identified a...