Vulnerabilities > CVE-2023-42473 - Missing Authorization vulnerability in SAP S/4Hana 106

047910
CVSS 5.4 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
NONE
network
low complexity
sap
CWE-862

Summary

S/4HANA Manage (Withholding Tax Items) - version 106, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges which has low impact on the confidentiality and integrity of the application.

Vulnerable Configurations

Part Description Count
Application
Sap
1

Common Weakness Enumeration (CWE)