Vulnerabilities > CVE-2024-21736 - Unspecified vulnerability in SAP S/4Hana Finance 107/128
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
SAP S/4HANA Finance for (Advanced Payment Management) - versions SAPSCORE 128, S4CORE 107, does not perform necessary authorization checks. A function import could be triggered allowing the attacker to create in-house bank accounts leading to low impact on the confidentiality of the application.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |