4 matches found
CVE-2023-40625
S4CORE Manage Purchase Contracts App - versions 102, 103, 104, 105, 106, 107, does not perform necessary authorization checks for an authenticated user. This could allow an attacker to perform unintended actions resulting in escalation of privileges which has low impact on confidentiality and...
CVE-2023-40625
S4CORE Manage Purchase Contracts App - versions 102, 103, 104, 105, 106, 107, does not perform necessary authorization checks for an authenticated user. This could allow an attacker to perform unintended actions resulting in escalation of privileges which has low impact on confidentiality and...
CVE-2023-40625
CVE-2023-40625 involves the SAP S4CORE Manage Purchase Contracts App where versions 102–107 do not perform necessary authorization checks for authenticated users, enabling potential privilege escalation. Connected source PT-2023-27547 corroborates the affected versions and notes remediation: upgr...
CVE-2023-40625 Missing Authorization check in SAP Manage Purchase Contracts App
S4CORE Manage Purchase Contracts App - versions 102, 103, 104, 105, 106, 107, does not perform necessary authorization checks for an authenticated user. This could allow an attacker to perform unintended actions resulting in escalation of privileges which has low impact on confidentiality and...