Описание
The OData service of the S4 HANA (Manage checkbook apps) - versions 102, 103, 104, 105, 106, 107, allows an attacker to change the checkbook name by simulating an update OData call.
Ссылки
- Permissions Required
- Vendor Advisory
- Permissions Required
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sap:s\/4_hana:102:*:*:*:*:*:*:*
cpe:2.3:a:sap:s\/4_hana:103:*:*:*:*:*:*:*
cpe:2.3:a:sap:s\/4_hana:104:*:*:*:*:*:*:*
cpe:2.3:a:sap:s\/4_hana:105:*:*:*:*:*:*:*
cpe:2.3:a:sap:s\/4_hana:106:*:*:*:*:*:*:*
cpe:2.3:a:sap:s\/4_hana:107:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00152
Низкий
2.7 Low
CVSS3
5.3 Medium
CVSS3
Дефекты
CWE-639
Связанные уязвимости
CVSS3: 5.3
github
больше 2 лет назад
The OData service of the S4 HANA (Manage checkbook apps) - versions 102, 103, 104, 105, 106, 107, allows an attacker to change the checkbook name by simulating an update OData call.
EPSS
Процентиль: 36%
0.00152
Низкий
2.7 Low
CVSS3
5.3 Medium
CVSS3
Дефекты
CWE-639