Filtered by vendor Sap
Subscriptions
Filtered by product S/4 Hana
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-42876 | 1 Sap | 2 Hana, S/4 Hana | 2025-12-09 | 7.1 High |
| Due to a Missing Authorization Check vulnerability in SAP S/4 HANA Private Cloud (Financials General Ledger), an authenticated attacker with authorization limited to a single company code could read sensitive data and post or modify documents across all company codes. Successful exploitation could result in a high impact to confidentiality and a low impact to integrity, while availability remains unaffected. | ||||
| CVE-2024-4138 | 1 Sap | 1 S/4 Hana | 2025-07-13 | 4.3 Medium |
| Manage Bank Statement ReProcessing Rules does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. By exploiting this vulnerability, an attacker can enable/disable the sharing rule of other users affecting the integrity of the application. Confidentiality and Availability are not affected. | ||||
Page 1 of 1.