Back to search
CVE-2022-31589
Published: Jun 14, 2022
Modified: Aug 3, 2024
PUBLISHED
Description
Due to improper authorization check, business users who are using Israeli File from SHAAM program (/ATL/VQ23 transaction), are granted more than needed authorization to perform certain transaction, which may lead to users getting access to data that would otherwise be restricted.
| Vendor | Product | Versions |
|---|---|---|
SAP SE | SAP ERP, localization for CEE countries. | affected C-CEE 110_600affected 110_602affected 110_603affected 110_604affected 110_700 |
SAP SE | SAP Financials | affected SAP_FIN 618affected 720 |
SAP SE | SAP S/4Hana Core | affected S4CORE 100affected 101affected 102affected 103affected 104+4 more versions |
Weaknesses (CWE)
References
https://launchpad.support.sap.com/#/notes/3203065
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now