Vulnerabilities > SAP > BW 4Hana > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-11 | CVE-2024-37176 | Missing Authorization vulnerability in SAP Bw/4Hana SAP BW/4HANA Transformation and Data Transfer Process (DTP) allows an authenticated attacker to gain higher access levels than they should have by exploiting improper authorization checks. | 5.4 |
| 2023-07-11 | CVE-2023-33992 | Missing Authorization vulnerability in SAP Business Warehouse and Bw/4Hana The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAP_BW 730, SAP_BW 731, SAP_BW 740, SAP_BW 730, SAP_BW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. | 6.5 |
| 2019-01-08 | CVE-2019-0243 | Missing Authorization vulnerability in SAP Bw/4Hana 1.0 Under some circumstances, masterdata maintenance in SAP BW/4HANA (fixed in DW4CORE version 1.0 (SP08)) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | 6.5 |