Vulnerabilities > SAP > S 4Hana > 103
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-10 | CVE-2023-42475 | Information Exposure vulnerability in SAP S/4Hana The Statutory Reporting application has a vulnerable file storage location, potentially enabling low privileged attacker to read server files with minimal impact on confidentiality. | 4.3 |
| 2023-09-08 | CVE-2023-40306 | Open Redirect vulnerability in SAP S/4Hana SAP S/4HANA Manage Catalog Items and Cross-Catalog searches Fiori apps allow an attacker to redirect users to a malicious site due to insufficient URL validation. | 6.1 |
| 2022-07-12 | CVE-2022-31597 | Missing Authorization vulnerability in SAP S/4Hana and Sapscore Within SAP S/4HANA - versions S4CORE 101, 102, 103, 104, 105, 106, SAPSCORE 127, the application business partner extension for Spain/Slovakia does not perform necessary authorization checks for a low privileged authenticated user over the network, resulting in escalation of privileges leading to low impact on confidentiality and integrity of the data. | 5.5 |
| 2022-07-12 | CVE-2022-32248 | Improper Input Validation vulnerability in SAP S/4Hana Due to missing input validation in the Manage Checkbooks component of SAP S/4HANA - version 101, 102, 103, 104, 105, 106, an attacker could insert or edit the value of an existing field in the database. | 5.0 |
| 2022-06-14 | CVE-2022-31589 | Unspecified vulnerability in SAP products Due to improper authorization check, business users who are using Israeli File from SHAAM program (/ATL/VQ23 transaction), are granted more than needed authorization to perform certain transaction, which may lead to users getting access to data that would otherwise be restricted. | 6.5 |
| 2022-01-14 | CVE-2022-22530 | Unspecified vulnerability in SAP S/4Hana The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. | 8.1 |
| 2022-01-14 | CVE-2022-22531 | Unspecified vulnerability in SAP S/4Hana The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. | 8.1 |
| 2020-11-10 | CVE-2020-6316 | Missing Authorization vulnerability in SAP ERP and S/4Hana SAP ERP and SAP S/4 HANA allows an authenticated user to see cost records to objects to which he has no authorization in PS reporting, leading to Missing Authorization check. | 4.0 |
| 2020-04-24 | CVE-2020-6212 | Missing Authorization vulnerability in SAP ERP and S/4Hana Egypt localized withholding tax reports Clearing of Liabilities and Remittance Statement and Summary in SAP ERP (versions 618, 730, EAPPLGLO 607) and S/4 HANA (versions 100, 101, 102, 103, 104) do not perform necessary authorization checks for an authenticated user, allowing reading or modification of some tax reports, due to Missing Authorization Check. | 5.5 |