Описание
Due to missing authorization check, an attacker authenticated as a non-administrative user could call a remote-enabled function module. This could enable access to information normally restricted, resulting in low impact on confidentiality. There is no impact on integrity or availability.
EPSS
4.3 Medium
CVSS3
Дефекты
Связанные уязвимости
Due to missing authorization check, an attacker authenticated as a non-administrative user could call a remote-enabled function module. This could enable access to information normally restricted, resulting in low impact on confidentiality. There is no impact on integrity or availability.
Уязвимость инструмента Service Data Control Center (SDCCN) программных интеграционных платформ SAP NetWeaver и ABAP Platform, позволяющая нарушителю обойти ограничения безопасности и получить несанкционированный доступ к защищаемой информации
EPSS
4.3 Medium
CVSS3