Описание
SAP Group Reporting Data Collection does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation, specific data can be changed via the Enter Package Data app although the user does not have sufficient authorization causing high impact on Integrity of the appliction.
EPSS
6.5 Medium
CVSS3
Дефекты
Связанные уязвимости
SAP Group Reporting Data Collection does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation, specific data can be changed via the Enter Package Data app although the user does not have sufficient authorization causing high impact on Integrity of the appliction.
Уязвимость компонента Enter Package Data программного обеспечения для сбора финансовых данных для бизнеса SAP Group Reporting Data Collection, позволяющая нарушителю повысить свои привилегии и оказать воздействие на целостность данных
EPSS
6.5 Medium
CVSS3