Due to improper authorization check, business users who are using Israeli File from SHAAM program (/ATL/VQ23 transaction), are granted more than needed authorization to perform certain transaction, which may lead to users getting access to data that would otherwise be restricted.
2022-06-14T19:15:07.623
2024-11-21T07:04:47.960
Modified
CVSSv3.1: 6.5 (MEDIUM)
AV:N/AC:L/Au:S/C:P/I:N/A:N
8.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | sap | erp_financial_accounting | 618 | Yes |
| Application | sap | erp_financial_accounting | 720 | Yes |
| Application | sap | erp_localization_for_cee_countries | c-cee_110_600 | Yes |
| Application | sap | erp_localization_for_cee_countries | c-cee_110_602 | Yes |
| Application | sap | erp_localization_for_cee_countries | c-cee_110_603 | Yes |
| Application | sap | erp_localization_for_cee_countries | c-cee_110_604 | Yes |
| Application | sap | erp_localization_for_cee_countries | c-cee_110_700 | Yes |
| Application | sap | s\/4hana | 100 | Yes |
| Application | sap | s\/4hana | 101 | Yes |
| Application | sap | s\/4hana | 102 | Yes |
| Application | sap | s\/4hana | 103 | Yes |
| Application | sap | s\/4hana | 104 | Yes |
| Application | sap | s\/4hana | 105 | Yes |
| Application | sap | s\/4hana | 106 | Yes |
| Application | sap | s\/4hana | 107 | Yes |
| Application | sap | s\/4hana | 108 | Yes |