Fields which are in 'read only' state in Bank Statement Draft in Manage Bank Statements application, could be modified by MERGE method. The property of an OData entity representing assumably immutable method is not protected against external modifications leading to integrity violations. Confidentiality and Availability are not impacted.
References
Link | Resource |
---|---|
https://me.sap.com/notes/3251893 | Permissions Required |
https://url.sap/sapsecuritypatchday | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
14 Nov 2024, 17:56
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.3 |
References | () https://me.sap.com/notes/3251893 - Permissions Required | |
References | () https://url.sap/sapsecuritypatchday - Vendor Advisory | |
CPE | cpe:2.3:a:sap:s\/4_hana:105:*:*:*:*:*:*:* cpe:2.3:a:sap:s\/4_hana:102:*:*:*:*:*:*:* cpe:2.3:a:sap:s\/4_hana:104:*:*:*:*:*:*:* cpe:2.3:a:sap:s\/4_hana:103:*:*:*:*:*:*:* cpe:2.3:a:sap:s\/4_hana:106:*:*:*:*:*:*:* cpe:2.3:a:sap:s\/4_hana:107:*:*:*:*:*:*:* |
|
First Time |
Sap
Sap s\/4 Hana |
10 Oct 2024, 12:57
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
08 Oct 2024, 04:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-08 04:15
Updated : 2024-11-14 17:56
NVD link : CVE-2024-45282
Mitre link : CVE-2024-45282
CVE.ORG link : CVE-2024-45282
JSON object : View
Products Affected
sap
- s\/4_hana
CWE
CWE-650
Trusting HTTP Permission Methods on the Server Side