Vulnerabilities > SAP > BW 4Hana > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-06-11 CVE-2024-37176 Missing Authorization vulnerability in SAP Bw/4Hana
SAP BW/4HANA Transformation and Data Transfer Process (DTP) allows an authenticated attacker to gain higher access levels than they should have by exploiting improper authorization checks.
network
low complexity
sap CWE-862
5.4
2023-07-11 CVE-2023-33992 Missing Authorization vulnerability in SAP Business Warehouse and Bw/4Hana
The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAP_BW 730, SAP_BW 731, SAP_BW 740, SAP_BW 730, SAP_BW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response.
network
low complexity
sap CWE-862
6.5
2019-01-08 CVE-2019-0243 Missing Authorization vulnerability in SAP Bw/4Hana 1.0
Under some circumstances, masterdata maintenance in SAP BW/4HANA (fixed in DW4CORE version 1.0 (SP08)) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
network
low complexity
sap CWE-862
6.5