Vulnerabilities > CVE-2023-1903 - Unspecified vulnerability in SAP HCM Fiori APP MY Forms 605

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

sap

NVD

Published: 2023-04-11

Updated: 2024-11-21

Summary

SAP HCM Fiori App My Forms (Fiori 2.0) - version 605, does not perform necessary authorization checks for an authenticated user exposing the restricted header data.

Vulnerable Configurations

Part	Description	Count
Application	Sap SAP HCM Fiori APP MY Forms 605	1

References

https://launchpad.support.sap.com/#/notes/3301457
https://launchpad.support.sap.com/#/notes/3301457
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html