CVE-2023-32112

Vendor Master Hierarchy - versions SAP_APPL 500, SAP_APPL 600, SAP_APPL 602, SAP_APPL 603, SAP_APPL 604, SAP_APPL 605, SAP_APPL 606, SAP_APPL 616, SAP_APPL 617, SAP_APPL 618, S4CORE 100, does not perform necessary authorization checks for an authenticated user to access some of its function. This could lead to modification of data impacting the integrity of the system.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sap:s4core:100:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_500:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_600:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_602:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_603:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_604:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_605:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_606:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_616:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_617:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_618:*:*:*:*:*:*:*

History

15 May 2023, 17:23

Type Values Removed Values Added
CPE cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_600:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_605:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_616:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_500:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_606:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_604:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_602:*:*:*:*:*:*:*
cpe:2.3:a:sap:s4core:100:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_618:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_603:*:*:*:*:*:*:*
cpe:2.3:a:sap:vendor_master_hierarchy:sap_appl_617:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
References (MISC) https://launchpad.support.sap.com/#/notes/2335198 - (MISC) https://launchpad.support.sap.com/#/notes/2335198 - Broken Link
References (MISC) https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html - (MISC) https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html - Vendor Advisory

09 May 2023, 02:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-05-09 02:15

Updated : 2024-02-04 23:37


NVD link : CVE-2023-32112

Mitre link : CVE-2023-32112

CVE.ORG link : CVE-2023-32112


JSON object : View

Products Affected

sap

  • vendor_master_hierarchy
  • s4core
CWE
CWE-862

Missing Authorization