SAP Security Advisory version S4CORE 104 - SAP Security Notes

 

Advisories for S4CORE 104

Below you can find all Security Advisories that related to your search term.

Note Component Description CVSS Severity Patchday Initially released on Category Affected system type Valid for
3089831 BC-UPG-NZ [CVE-2021-38176] SQL Injection vulnerability in SAP NZDT Mapping Table Framework 9.9 Hot News 2021-09 2021/09/14 Program error ABAP DMIS 2011_1_620 DMIS 2011_1_640 DMIS 2011_1_700 DMIS 2011_1_710 DMIS 2011_1_730 DMIS 2011_1_731 DMIS 2018_1_752 DMIS 2020 S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 SAPSCORE 125
3124094 FI-LOC-SAF [CVE-2021-44232] Directory Traversal vulnerability in SAF-T Framework 7.7 High 2021-12 2021/12/14 Program error ABAP S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 SAP_APPL 600 SAP_APPL 602 SAP_APPL 603 SAP_APPL 604 SAP_APPL 605 SAP_APPL 606 SAP_FIN 617 SAP_FIN 618 SAP_FIN 720 SAP_FIN 730
2871167 FI-LOC-FI-EG [CVE-2020-6199] Missing Authorization check in SAP ERP and S/4 HANA (MENA Certificate Management) 5.4 Medium 2020-03 2020/03/10 Program error ABAP EAPPLGLO 607 SAP_FIN 618 SAP_FIN 730 S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104
3112928 FI-FIO-AP [CVE-2022-22531] Multiple vulnerabilities in F0743 Create Single Payment application of SAP S/4HANA 8.7 High 2022-01 2022/01/11 Program error ABAP S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106
3203065 FI-LOC-FI-IL-AP [CVE-2022-31589] Segregation of Duty vulnerability in IL FI-AP File from SHAAM program. 5.0 Medium 2022-06 2022/06/14 Program error ABAP C-CEE 110_600 C-CEE 110_602 C-CEE 110_603 C-CEE 110_604 C-CEE 110_700 C-CEE 110_720 S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 S4CORE 107 S4CORE 108 SAP_FIN 618 SAP_FIN 730
3234755 CA-MDG-APP-CUS Information Disclosure vulnerability in Master Data Governance 4.3 Medium 2022-10 2022/10/11 Program error ABAP S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 S4CORE 107 SAP_APPL 22A-22J SAP_APPL 300-31I SAP_APPL 40A-40B SAP_APPL 45A-45B SAP_APPL 46A-46B SAP_APPL 46C SAP_APPL 470 SAP_APPL 500 SAP_APPL 600 SAP_APPL 602 SAP_APPL 603 SAP_APPL 604 SAP_APPL 605 SAP_APPL 606 SAP_APPL 617 SAP_APPL 618
3213826 FI-LOC-FI-ES [CVE-2022-31597] Missing Authorization check in SAP S/4HANA(business partner extension for Spain/Slovakia) 5.4 Medium 2022-07 2022/07/12 Correction of legal function ABAP S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 SAPSCORE 127
2993132 CA-DT-CNV [CVE-2020-26832] Missing Authorization check in SAP NetWeaver AS ABAP and SAP S4 HANA (SAP Landscape Transformation) 7.6 High 2020-12 2020/12/08 Program error ABAP DMIS 2011_1_620 DMIS 2011_1_640 DMIS 2011_1_700 DMIS 2011_1_710 DMIS 2011_1_730 DMIS 2011_1_731 DMIS 2018_1_752 DMIS 2020 S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105
3216161 FI-FIO-AP [CVE-2022-32248] Missing Input Validation in Manage Checkbooks component of SAP S/4HANA 4.3 Medium 2022-07 2022/07/12 Program error ABAP S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106
3407617 CA-LT-SLT [CVE-2024-21735] Improper Authorization check in SAP LT Replication Server 7.3 High 2024-01 2024/01/09 Program error ABAP S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 S4CORE 107 S4CORE 108
2841874 FIN-FSCM-TRM-TM [CVE-2020-6204] Missing Authorization check in SAP Treasury and Risk Management (Transaction Management) 4.3 Medium 2020-03 2020/03/10 Program error ABAP S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 EA-FINSERV 600 EA-FINSERV 603 EA-FINSERV 604 EA-FINSERV 605 EA-FINSERV 606 EA-FINSERV 616 EA-FINSERV 617 EA-FINSERV 618 EA-FINSERV 800
2985905 CA-GTF-CSC-DME [CVE-2023-24524] Missing Authorization check in SAP S/4 HANA Map Treasury Correspondence Format Data 6.5 Medium 2023-02 2023/02/14 Program error ABAP S4CORE 104 S4CORE 105
2814462 FI-LOC-FI-BR Missing Authorization Check in S/4Hana ACR Brazil Option Features 5.3 Medium 2019-12 2019/11/26 Program error ABAP S4CORE 103 S4CORE 104
2840520 SD-SLS [CVE-2019-0386] - Missing authorization check in ERP Sales and SAP S/4HANA sales (SD-SLS) 6.3 Medium 2019-11 2019/11/12 Program error ABAP SAP_APPL 600 SAP_APPL 602 SAP_APPL 603 SAP_APPL 604 SAP_APPL 605 SAP_APPL 606 SAP_APPL 616 SAP_APPL 617 SAP_APPL 618 SAPSCORE 117 S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104
2864966 XX-CSC-EG-FI [CVE-2020-6212] Missing Authorization Check in SAP ERP & S/4 HANA (Egypt localized Withholding Tax reports) 6.3 Medium 2020-04 2020/04/14 Program error ABAP EAPPLGLO 607 SAP_FIN 618 SAP_FIN 730 S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104
2877226 SRM-EBP-INT Switchable Authorization checks in SAP Supplier Relationship Management 6.3 Medium 2020-04 2020/03/12 Program error ABAP SAP_APPL 600 SAP_APPL 602 SAP_APPL 603 SAP_APPL 604 SAP_APPL 605 SAP_APPL 606 SAP_APPL 616 SAP_APPL 617 SAP_APPL 618 S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104
2857511 XX-CSC-RAT [CVE-2020-6188] Missing Authorization check in SAP ERP and S/4 HANA (VAT Pro-Rata reports) 6.3 Medium 2020-02 2020/02/11 Program error ABAP SAP_APPL 600 SAP_APPL 602 SAP_APPL 603 SAP_APPL 604 SAP_APPL 605 SAP_APPL 606 SAP_APPL 616 SAP_FIN 617 SAP_FIN 618 SAP_FIN 700 SAP_FIN 720 SAP_FIN 730 S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104
2911687 PLM-FIO-DMS [CVE-2020-6266] URL redirection in SAP Fiori for SAP S/4HANA 5.4 Medium 2020-06 2020/06/09 Program error ABAP S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104
3142092 LO-MD-BP [CVE-2022-22542] Information Disclosure vulnerability in SAP S/4HANA (Supplier Factsheet and Enterprise Search for Business Partner, Supplier and Customer) 6.5 Medium 2022-02 2022/02/08 Program error ABAP S4CORE 104 S4CORE 105 S4CORE 106
2906996 FS-SR [CVE-2020-6268] Missing authorization check in SAP ERP (Statutory Reporting for Insurance Companies) 5.4 Medium 2020-06 2020/06/09 Program error ABAP S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 EA-FINSERV 600 EA-FINSERV 603 EA-FINSERV 604 EA-FINSERV 605 EA-FINSERV 606 EA-FINSERV 616 EA-FINSERV 617 EA-FINSERV 618 EA-FINSERV 800
3078312 BC-UPG-NZ [CVE-2021-33701] SQL Injection vulnerability in SAP NZDT Row Count Reconciliation 9.1 Hot News 2021-08 2021/08/10 Program error ABAP DMIS 2011_1_620 DMIS 2011_1_640 DMIS 2011_1_700 DMIS 2011_1_710 DMIS 2011_1_730 DMIS 2011_1_731 DMIS 2018_1_752 DMIS 2020 SAPSCORE 125 S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105
2874738 FI-LOC-FI-BR Missing Authorization Check in S4 ACR Brazil Option 3.8 Low 2020-07 2020/07/14 Program error ABAP S4CORE 103 S4CORE 104
2885671 FI-FIO-GL [CVE-2020-6273] Missing Authorization check in SAP S/4 HANA (Fiori UI for General Ledger Accounting) 4.3 Medium 2020-08 2020/08/11 Program error ABAP S4CORE 103 S4CORE 104
3341211 FI-FIO-GL-TRA [CVE-2023-35870] Improper Access Control in SAP S/4HANA (Manage Journal Entry Template) 6.3 Medium 2023-07 2023/07/11 Program error ABAP S4CORE 104 S4CORE 105 S4CORE 106 S4CORE 107
2873099 EHS-SUS-FND Missing Authorization check in EHS Task Definition attachments 5.4 Medium 2020-10 2020/10/13 Program error ABAP S4CORE 103 S4CORE 104 SAPSCORE 119
3156972 MM-FIO-PUR-REQ-SSP [CVE-2023-40306] URL Redirection vulnerability in SAP S/4HANA (Manage Catalog Items and Cross-Catalog search) 6.1 Medium 2023-08 2023/08/08 Program error ABAP S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106
3442378 FIN-CS-CDC-DC [CVE-2024-28167] Missing Authorization check in SAP Group Reporting Data Collection (Enter Package Data) 6.5 Medium 2024-04 2024/04/09 Program error ABAP S4CORE 104 S4CORE 105 S4CORE 106 S4CORE 107 S4CORE 108 SAP_GRDC_CLOUD 1.0.0
3427178 FIN-FSCM-CLM-BAM [CVE-2024-30216] Missing Authorization check in SAP S/4 HANA (Cash Management) 4.3 Medium 2024-04 2024/04/09 Program error ABAP S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 S4CORE 107 S4CORE 108
3326361 MM-FIO-PUR-SQ-CON [CVE-2023-40625] Missing Authorization check in Manage Purchase Contracts App 5.4 Medium 2023-09 2023/09/12 Program error ABAP S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 S4CORE 107
3369680 FI-FIO-AP [CVE-2023-41369] External Entity Loop vulnerability in SAP S/4HANA (Create Single Payment application) 3.5 Low 2023-09 2023/09/12 Program error ABAP S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 S4CORE 107 S4CORE 108
3355675 FI-FIO-AP-CHK [CVE-2023-41368] Insecure Direct Object Reference (IDOR) vulnerability in SAP S/4HANA (Manage checkbook apps) 2.7 Low 2023-09 2023/09/12 Program error ABAP S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 S4CORE 107
3222121 FI-LOC-SRF-RUN [CVE-2023-42475] Information Disclosure Vulnerability in Statutory Reporting 4.3 Medium 2023-10 2023/10/10 Program error ABAP S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 SAPSCORE 128
3466175 FI-FIO-AR-PAY [CVE-2024-34691] Missing Authorization check in SAP S/4HANA (Manage Incoming Payment Files) 6.5 Medium 2024-06 2024/06/11 Program error ABAP S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 S4CORE 107 S4CORE 108
3497347 MM-PUR-SSP [CVE-2024-42378] Cross-Site Scripting (XSS) in eProcurement on S/4HANA 6.1 Medium 2024-09 2024/09/10 Program error ABAP S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 S4CORE 107 S4CORE 108 SAP_APPL 606 SAP_APPL 617 SAP_APPL 618
2743329 FIN-FSCM-IHC Switchable authorization checks for RFC module in In-House-Cash. 6.3 Medium 2021-01 2021/01/12 Program error ABAP S4CORE 102 S4CORE 103 S4CORE 104
3251893 FI-FIO-AR [CVE-2024-45282] HTTP Verb Tampering in SAP S/4 HANA(Manage Bank Statements) 4.3 Medium 2024-10 2024/09/24 Program error ABAP S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 S4CORE 107
2990992 EHS-SUS-EM Missing Authorization Checks in the Monitor Data and My Data Collections Apps 5.4 Medium 2021-02 2021/02/09 Program error ABAP S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105
3007888 IS-B-BCA [CVE-2021-21486] Missing Authorization check in SAP Enterprise Financial Services( Bank Customer Accounts ) 6.8 Medium 2021-03 2021/03/09 Program error ABAP EA-FINSERV 600 EA-FINSERV 603 EA-FINSERV 604 EA-FINSERV 605 EA-FINSERV 606 EA-FINSERV 616 EA-FINSERV 617 EA-FINSERV 618 EA-FINSERV 800 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105
2828981 FIN-FSCM-TRM-TM [CVE-2019-0384] Missing Authorization check in SAP Treasury and Risk Management (Transaction Management) 6.3 Medium 2019-11 2019/11/12 Program error ABAP S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 EA-FINSERV 600 EA-FINSERV 603 EA-FINSERV 604 EA-FINSERV 605 EA-FINSERV 606 EA-FINSERV 616 EA-FINSERV 617 EA-FINSERV 618 EA-FINSERV 800
2819170 FIN-FSCM-TRM-TM-TR [CVE-2019-0383] Missing Authorization check in SAP Treasury and Risk Management (Transaction Management) 4.3 Medium 2019-11 2019/11/12 Program error ABAP S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 EA-FINSERV 600 EA-FINSERV 603 EA-FINSERV 604 EA-FINSERV 605 EA-FINSERV 606 EA-FINSERV 616 EA-FINSERV 617 EA-FINSERV 618 EA-FINSERV 800
2999590 EHS-SUS-EM Incomplete authorization checks for import of environmental data 4.3 Medium 2021-06 2021/05/25 Program error ABAP S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105
2973735 CA-LT-PCL [CVE-2020-26808] Code Injection in SAP AS ABAP and S/4 HANA (DMIS) 9.1 Hot News 2020-11 2020/11/11 Program error ABAP DMIS 2011_1_620 DMIS 2011_1_640 DMIS 2011_1_700 DMIS 2011_1_710 DMIS 2011_1_730 DMIS 2011_1_731 DMIS 2018_1_752 DMIS 2020 S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105
2944188 PS-IS [CVE-2020-6316] Missing Authorization Check in SAP ERP and SAP S/4 HANA 4.3 Medium 2020-11 2020/11/10 Program error ABAP S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 SAP_APPL 600 SAP_APPL 602 SAP_APPL 603 SAP_APPL 604 SAP_APPL 605 SAP_APPL 606 SAP_APPL 616 SAP_APPL 617 SAP_APPL 618
2988962 CO-FIO-OM-PL Cross-Site Request Forgery (CSRF) vulnerability for S/4HANA OP2020, OP1909 in Import Financial Plan Data 5.4 Medium 2021-10 2021/09/28 Program error ABAP S4CORE 104 S4CORE 105
3068582 FI-LOC-FI-FR [CVE-2021-38164] Missing Authorization check in in SAP ERP Financial Accounting / RFOPENPOSTING_FR 5.4 Medium 2021-09 2021/09/14 Program error ABAP S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 SAPSCORE 125 SAP_APPL 600 SAP_APPL 602 SAP_APPL 603 SAP_APPL 604 SAP_APPL 605 SAP_APPL 606 SAP_APPL 616 SAP_FIN 617 SAP_FIN 618 SAP_FIN 700 SAP_FIN 720 SAP_FIN 730
ABEX logo

SecurityBridge helps in prioritizing SAP patches, updates and the remediation strategies essential for preventing the disruption of vital business systems. We help businesses in making their SAP systems more secure.

SecurityBridge
Platform
Product

© Copyright 2024 by SecurityBridge GmbH

v35.0