THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Fathom (Privacy friendly web analytics)
Zendesk (Helpdesk and Chat)

Ok

Home | EN
Support
CVE
PUBLISHED

CVE-2024-37172

[CVE-2024-37172] Missing Authorization check in SAP S/4HANA Finance (Advanced Payment Management)

Assignersap
Reserved2024-06-04
Published2024-07-09
Updated2024-07-09

Description

SAP S/4HANA Finance (Advanced Payment Management) does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. As a result, it has a low impact to confidentiality and availability but there is no impact on the integrity.



MEDIUM: 5.4CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

Problem types

CWE-862: Missing Authorization

Product status

Default status
unaffected

S4CORE 107
affected

S4CORE 108
affected

References

https://url.sap/sapsecuritypatchday

https://me.sap.com/notes/3457354

cve.org CVE-2024-37172

nvd.nist.gov CVE-2024-37172

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-37172
© Copyright 2024 THREATINT. Made in Cyprus with +