MEDIUM✓ PATCH🇬🇧 English

CVE-2024-45282

CVSS 4.3v3.1pub. 2024-10-08upd. 2024-11-14

Fields which are in 'read only' state in Bank Statement Draft in Manage Bank Statements application, could be modified by MERGE method. The property of an OData entity representing assumably immutable method is not protected against external modifications leading to integrity violations. Confidentiality and Availability are not impacted.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
  • Sap S\/4 Hana

    APP
    Sap
    102103104105106107
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2026-0498CRITICAL9.1PL ✓ten sam produkt

SAP S/4HANA: injection kodu ABAP/poleceń OS przez RFC z uprawnieniami admina

CVE-2020-26832HIGH7.6ten sam produkt

SAP AS ABAP (SAP Landscape Transformation), versions - 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_...

CVE-2020-6188HIGH8.8ten sam produkt

VAT Pro-Rata reports in SAP ERP (SAP_APPL versions 600, 602, 603, 604, 605, 606, 616 and SAP_FIN versions 617,...

CVE-2024-34691MEDIUM6.5ten sam produkt

Manage Incoming Payment Files (F1680) of SAP S/4HANA does not perform necessary authorization checks for an au...

CVE-2023-41368LOW2.7ten sam produkt

The OData service of the S4 HANA (Manage checkbook apps) - versions 102, 103, 104, 105, 106, 107, allows an at...