exploitDog

CVE-2023-42473

Опубликовано: 10 окт. 2023

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

S/4HANA Manage (Withholding Tax Items) - version 106, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges which has low impact on the confidentiality and integrity of the application.

Ссылки

https://me.sap.com/notes/3219846
Permissions Required
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
Vendor Advisory
https://me.sap.com/notes/3219846
Permissions Required
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sap:s\/4hana:106:*:*:*:*:*:*:*

EPSS

Процентиль: 35%

0.00147

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-862

Связанные уязвимости

GHSA-j972-ff67-2v59

CVSS3: 5.4

github

больше 2 лет назад

S/4HANA Manage (Withholding Tax Items) - version 106, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges which has low impact on the confidentiality and integrity of the application.

BDU:2023-06945

CVSS3: 5.4

fstec

больше 2 лет назад

Уязвимость компонента Withholding Tax Items программной платформы SAP S/4HANA, позволяющая нарушителю повысить свои привилегии

EPSS

Процентиль: 35%

0.00147

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-862