CVE-2023-32112

Vendor Master Hierarchy - versions SAP_APPL 500, SAP_APPL 600, SAP_APPL 602, SAP_APPL 603, SAP_APPL 604, SAP_APPL 605, SAP_APPL 606, SAP_APPL 616, SAP_APPL 617, SAP_APPL 618, S4CORE 100, does not perform necessary authorization checks for an authenticated user to access some of its function. This could lead to modification of data impacting the integrity of the system.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sap:s4core:100:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_500:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_600:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_602:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_603:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_604:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_605:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_606:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_616:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_617:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_618:*:*:*:*:*:*:*

History

21 Nov 2024, 08:02

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 5.5
v2 : unknown
v3 : 2.8
References () https://launchpad.support.sap.com/#/notes/2335198 - Broken Link () https://launchpad.support.sap.com/#/notes/2335198 - Broken Link
References () https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html - Vendor Advisory () https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html - Vendor Advisory

Information

Published : 2023-05-09 02:15

Updated : 2024-11-21 08:02


NVD link : CVE-2023-32112

Mitre link : CVE-2023-32112

CVE.ORG link : CVE-2023-32112


JSON object : View

Products Affected

sap

  • s4core
  • vendor_master_hierarchy
CWE
CWE-862

Missing Authorization