S4CORE (Manage Purchase Contracts App) - versions 102, 103, 104, 105, 106, 107, does not perform necessary authorization checks for an authenticated user. This could allow an attacker to perform unintended actions resulting in escalation of privileges which has low impact on confidentiality and integrity with no impact on availibility of the system.
Metrics
Affected Vendors & Products
References
History
Wed, 25 Sep 2024 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: sap
Published: 2023-09-12T02:00:13.727Z
Updated: 2024-09-25T15:28:24.390Z
Reserved: 2023-08-17T18:10:44.968Z
Link: CVE-2023-40625
Vulnrichment
Updated: 2024-08-02T18:38:51.007Z
NVD
Status : Analyzed
Published: 2023-09-12T03:15:14.147
Modified: 2023-09-13T14:59:43.357
Link: CVE-2023-40625
Redhat
No data.