SAP Security Advisory version S4CORE 103 - SAP Security Notes

 

Advisories for S4CORE 103

Below you can find all Security Advisories that related to your search term.

Note Component Description CVSS Severity Patchday Initially released on Category Affected system type Valid for
3089831 BC-UPG-NZ [CVE-2021-38176] SQL Injection vulnerability in SAP NZDT Mapping Table Framework 9.9 Hot News 2021-09 2021/09/14 Program error ABAP DMIS 2011_1_620 DMIS 2011_1_640 DMIS 2011_1_700 DMIS 2011_1_710 DMIS 2011_1_730 DMIS 2011_1_731 DMIS 2018_1_752 DMIS 2020 S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 SAPSCORE 125
3124094 FI-LOC-SAF [CVE-2021-44232] Directory Traversal vulnerability in SAF-T Framework 7.7 High 2021-12 2021/12/14 Program error ABAP S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 SAP_APPL 600 SAP_APPL 602 SAP_APPL 603 SAP_APPL 604 SAP_APPL 605 SAP_APPL 606 SAP_FIN 617 SAP_FIN 618 SAP_FIN 720 SAP_FIN 730
2871167 FI-LOC-FI-EG [CVE-2020-6199] Missing Authorization check in SAP ERP and S/4 HANA (MENA Certificate Management) 5.4 Medium 2020-03 2020/03/10 Program error ABAP EAPPLGLO 607 SAP_FIN 618 SAP_FIN 730 S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104
3112928 FI-FIO-AP [CVE-2022-22531] Multiple vulnerabilities in F0743 Create Single Payment application of SAP S/4HANA 8.7 High 2022-01 2022/01/11 Program error ABAP S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106
2731871 CA-CPD-WS Missing Authorization check in Commercial Project Management 6.3 Medium 2020-03 2020/03/10 Program error ABAP S4CORE 103
3203065 FI-LOC-FI-IL-AP [CVE-2022-31589] Segregation of Duty vulnerability in IL FI-AP File from SHAAM program. 5.0 Medium 2022-06 2022/06/14 Program error ABAP C-CEE 110_600 C-CEE 110_602 C-CEE 110_603 C-CEE 110_604 C-CEE 110_700 C-CEE 110_720 S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 S4CORE 107 S4CORE 108 SAP_FIN 618 SAP_FIN 730
3234755 CA-MDG-APP-CUS Information Disclosure vulnerability in Master Data Governance 4.3 Medium 2022-10 2022/10/11 Program error ABAP S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 S4CORE 107 SAP_APPL 22A-22J SAP_APPL 300-31I SAP_APPL 40A-40B SAP_APPL 45A-45B SAP_APPL 46A-46B SAP_APPL 46C SAP_APPL 470 SAP_APPL 500 SAP_APPL 600 SAP_APPL 602 SAP_APPL 603 SAP_APPL 604 SAP_APPL 605 SAP_APPL 606 SAP_APPL 617 SAP_APPL 618
3213826 FI-LOC-FI-ES [CVE-2022-31597] Missing Authorization check in SAP S/4HANA(business partner extension for Spain/Slovakia) 5.4 Medium 2022-07 2022/07/12 Correction of legal function ABAP S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 SAPSCORE 127
2993132 CA-DT-CNV [CVE-2020-26832] Missing Authorization check in SAP NetWeaver AS ABAP and SAP S4 HANA (SAP Landscape Transformation) 7.6 High 2020-12 2020/12/08 Program error ABAP DMIS 2011_1_620 DMIS 2011_1_640 DMIS 2011_1_700 DMIS 2011_1_710 DMIS 2011_1_730 DMIS 2011_1_731 DMIS 2018_1_752 DMIS 2020 S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105
3216161 FI-FIO-AP [CVE-2022-32248] Missing Input Validation in Manage Checkbooks component of SAP S/4HANA 4.3 Medium 2022-07 2022/07/12 Program error ABAP S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106
2726124 IS-A Missing Authorization Check in multiple components under SAP Automotive Solutions 6.3 Medium 2022-07 2022/06/28 Program error ABAP ECC-DIMP 600 ECC-DIMP 602 ECC-DIMP 603 ECC-DIMP 604 ECC-DIMP 605 ECC-DIMP 606 ECC-DIMP 616 ECC-DIMP 617 ECC-DIMP 618 S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103
3407617 CA-LT-SLT [CVE-2024-21735] Improper Authorization check in SAP LT Replication Server 7.3 High 2024-01 2024/01/09 Program error ABAP S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 S4CORE 107 S4CORE 108
2816035 QM [CVE-2019-0393] SQL injection vulnerability in SAP Quality Management 5.4 Medium 2019-11 2019/11/12 Program error ABAP S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103
2841874 FIN-FSCM-TRM-TM [CVE-2020-6204] Missing Authorization check in SAP Treasury and Risk Management (Transaction Management) 4.3 Medium 2020-03 2020/03/10 Program error ABAP S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 EA-FINSERV 600 EA-FINSERV 603 EA-FINSERV 604 EA-FINSERV 605 EA-FINSERV 606 EA-FINSERV 616 EA-FINSERV 617 EA-FINSERV 618 EA-FINSERV 800
2734675 FIN-FSCM-CLM-BAM Missing Authorization Check in SAP Cash Management 6.3 Medium 2019-12 2019/12/10 Program error ABAP SAP_FIN 720 SAP_FIN 730 SAPSCORE 116 S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103
2803554 PPM-PRO [CVE-2019-0399] Potential Information Disclosure in SAP Portfolio and Project Management 5.3 Medium 2019-12 2019/12/10 Program error ABAP S4CORE 102 S4CORE 103 EPPM 100 CPRXRPM 500_702 CPRXRPM 600_740 CPRXRPM 610_740
2814462 FI-LOC-FI-BR Missing Authorization Check in S/4Hana ACR Brazil Option Features 5.3 Medium 2019-12 2019/11/26 Program error ABAP S4CORE 103 S4CORE 104
2688383 SCM-BAS-EHS-DG Missing authorization check in Dangerous Goods Management of EHS Services in SCM 6.3 Medium 2020-02 2020/02/11 Program error ABAP SAPSCORE 115 S4CORE 101 S4CORE 102 S4CORE 103 SCM_BASIS 700 SCM_BASIS 701 SCM_BASIS 702 SCM_BASIS 712 SCM_BASIS 713 SCM_BASIS 714
2840520 SD-SLS [CVE-2019-0386] - Missing authorization check in ERP Sales and SAP S/4HANA sales (SD-SLS) 6.3 Medium 2019-11 2019/11/12 Program error ABAP SAP_APPL 600 SAP_APPL 602 SAP_APPL 603 SAP_APPL 604 SAP_APPL 605 SAP_APPL 606 SAP_APPL 616 SAP_APPL 617 SAP_APPL 618 SAPSCORE 117 S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104
2864966 XX-CSC-EG-FI [CVE-2020-6212] Missing Authorization Check in SAP ERP & S/4 HANA (Egypt localized Withholding Tax reports) 6.3 Medium 2020-04 2020/04/14 Program error ABAP EAPPLGLO 607 SAP_FIN 618 SAP_FIN 730 S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104
2877226 SRM-EBP-INT Switchable Authorization checks in SAP Supplier Relationship Management 6.3 Medium 2020-04 2020/03/12 Program error ABAP SAP_APPL 600 SAP_APPL 602 SAP_APPL 603 SAP_APPL 604 SAP_APPL 605 SAP_APPL 606 SAP_APPL 616 SAP_APPL 617 SAP_APPL 618 S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104
2857511 XX-CSC-RAT [CVE-2020-6188] Missing Authorization check in SAP ERP and S/4 HANA (VAT Pro-Rata reports) 6.3 Medium 2020-02 2020/02/11 Program error ABAP SAP_APPL 600 SAP_APPL 602 SAP_APPL 603 SAP_APPL 604 SAP_APPL 605 SAP_APPL 606 SAP_APPL 616 SAP_FIN 617 SAP_FIN 618 SAP_FIN 700 SAP_FIN 720 SAP_FIN 730 S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104
2911687 PLM-FIO-DMS [CVE-2020-6266] URL redirection in SAP Fiori for SAP S/4HANA 5.4 Medium 2020-06 2020/06/09 Program error ABAP S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104
2906996 FS-SR [CVE-2020-6268] Missing authorization check in SAP ERP (Statutory Reporting for Insurance Companies) 5.4 Medium 2020-06 2020/06/09 Program error ABAP S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 EA-FINSERV 600 EA-FINSERV 603 EA-FINSERV 604 EA-FINSERV 605 EA-FINSERV 606 EA-FINSERV 616 EA-FINSERV 617 EA-FINSERV 618 EA-FINSERV 800
2541823 CRM-BTX-BF-EBI Switchable authorization checks for RFC in SAP CRM (external billing) 6.3 Medium 2020-07 2020/06/09 Program error ABAP SAP_APPL 600 SAP_APPL 602 SAP_APPL 603 SAP_APPL 604 SAP_APPL 605 SAP_APPL 606 SAP_APPL 616 SAP_APPL 617 SAP_APPL 618 SAPSCORE 116 S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103
3078312 BC-UPG-NZ [CVE-2021-33701] SQL Injection vulnerability in SAP NZDT Row Count Reconciliation 9.1 Hot News 2021-08 2021/08/10 Program error ABAP DMIS 2011_1_620 DMIS 2011_1_640 DMIS 2011_1_700 DMIS 2011_1_710 DMIS 2011_1_730 DMIS 2011_1_731 DMIS 2018_1_752 DMIS 2020 SAPSCORE 125 S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105
2874738 FI-LOC-FI-BR Missing Authorization Check in S4 ACR Brazil Option 3.8 Low 2020-07 2020/07/14 Program error ABAP S4CORE 103 S4CORE 104
2885671 FI-FIO-GL [CVE-2020-6273] Missing Authorization check in SAP S/4 HANA (Fiori UI for General Ledger Accounting) 4.3 Medium 2020-08 2020/08/11 Program error ABAP S4CORE 103 S4CORE 104
2873099 EHS-SUS-FND Missing Authorization check in EHS Task Definition attachments 5.4 Medium 2020-10 2020/10/13 Program error ABAP S4CORE 103 S4CORE 104 SAPSCORE 119
3156972 MM-FIO-PUR-REQ-SSP [CVE-2023-40306] URL Redirection vulnerability in SAP S/4HANA (Manage Catalog Items and Cross-Catalog search) 6.1 Medium 2023-08 2023/08/08 Program error ABAP S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106
3427178 FIN-FSCM-CLM-BAM [CVE-2024-30216] Missing Authorization check in SAP S/4 HANA (Cash Management) 4.3 Medium 2024-04 2024/04/09 Program error ABAP S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 S4CORE 107 S4CORE 108
3326361 MM-FIO-PUR-SQ-CON [CVE-2023-40625] Missing Authorization check in Manage Purchase Contracts App 5.4 Medium 2023-09 2023/09/12 Program error ABAP S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 S4CORE 107
3369680 FI-FIO-AP [CVE-2023-41369] External Entity Loop vulnerability in SAP S/4HANA (Create Single Payment application) 3.5 Low 2023-09 2023/09/12 Program error ABAP S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 S4CORE 107 S4CORE 108
3355675 FI-FIO-AP-CHK [CVE-2023-41368] Insecure Direct Object Reference (IDOR) vulnerability in SAP S/4HANA (Manage checkbook apps) 2.7 Low 2023-09 2023/09/12 Program error ABAP S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 S4CORE 107
3222121 FI-LOC-SRF-RUN [CVE-2023-42475] Information Disclosure Vulnerability in Statutory Reporting 4.3 Medium 2023-10 2023/10/10 Program error ABAP S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 SAPSCORE 128
3466175 FI-FIO-AR-PAY [CVE-2024-34691] Missing Authorization check in SAP S/4HANA (Manage Incoming Payment Files) 6.5 Medium 2024-06 2024/06/11 Program error ABAP S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 S4CORE 107 S4CORE 108
3497347 MM-PUR-SSP [CVE-2024-42378] Cross-Site Scripting (XSS) in eProcurement on S/4HANA 6.1 Medium 2024-09 2024/09/10 Program error ABAP S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 S4CORE 107 S4CORE 108 SAP_APPL 606 SAP_APPL 617 SAP_APPL 618
2743329 FIN-FSCM-IHC Switchable authorization checks for RFC module in In-House-Cash. 6.3 Medium 2021-01 2021/01/12 Program error ABAP S4CORE 102 S4CORE 103 S4CORE 104
3251893 FI-FIO-AR [CVE-2024-45282] HTTP Verb Tampering in SAP S/4 HANA(Manage Bank Statements) 4.3 Medium 2024-10 2024/09/24 Program error ABAP S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 S4CORE 106 S4CORE 107
2990992 EHS-SUS-EM Missing Authorization Checks in the Monitor Data and My Data Collections Apps 5.4 Medium 2021-02 2021/02/09 Program error ABAP S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105
3007888 IS-B-BCA [CVE-2021-21486] Missing Authorization check in SAP Enterprise Financial Services( Bank Customer Accounts ) 6.8 Medium 2021-03 2021/03/09 Program error ABAP EA-FINSERV 600 EA-FINSERV 603 EA-FINSERV 604 EA-FINSERV 605 EA-FINSERV 606 EA-FINSERV 616 EA-FINSERV 617 EA-FINSERV 618 EA-FINSERV 800 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105
2828981 FIN-FSCM-TRM-TM [CVE-2019-0384] Missing Authorization check in SAP Treasury and Risk Management (Transaction Management) 6.3 Medium 2019-11 2019/11/12 Program error ABAP S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 EA-FINSERV 600 EA-FINSERV 603 EA-FINSERV 604 EA-FINSERV 605 EA-FINSERV 606 EA-FINSERV 616 EA-FINSERV 617 EA-FINSERV 618 EA-FINSERV 800
2819170 FIN-FSCM-TRM-TM-TR [CVE-2019-0383] Missing Authorization check in SAP Treasury and Risk Management (Transaction Management) 4.3 Medium 2019-11 2019/11/12 Program error ABAP S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 EA-FINSERV 600 EA-FINSERV 603 EA-FINSERV 604 EA-FINSERV 605 EA-FINSERV 606 EA-FINSERV 616 EA-FINSERV 617 EA-FINSERV 618 EA-FINSERV 800
2999590 EHS-SUS-EM Incomplete authorization checks for import of environmental data 4.3 Medium 2021-06 2021/05/25 Program error ABAP S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105
2973735 CA-LT-PCL [CVE-2020-26808] Code Injection in SAP AS ABAP and S/4 HANA (DMIS) 9.1 Hot News 2020-11 2020/11/11 Program error ABAP DMIS 2011_1_620 DMIS 2011_1_640 DMIS 2011_1_700 DMIS 2011_1_710 DMIS 2011_1_730 DMIS 2011_1_731 DMIS 2018_1_752 DMIS 2020 S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105
2944188 PS-IS [CVE-2020-6316] Missing Authorization Check in SAP ERP and SAP S/4 HANA 4.3 Medium 2020-11 2020/11/10 Program error ABAP S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 SAP_APPL 600 SAP_APPL 602 SAP_APPL 603 SAP_APPL 604 SAP_APPL 605 SAP_APPL 606 SAP_APPL 616 SAP_APPL 617 SAP_APPL 618
2495462 FI-LA Switchable Authorization checks for RFC in SAP Leasing 6.3 Medium 2020-01 2020/01/14 Program error ABAP SAP_APPL 617 SAP_APPL 618 SAP_APPL 619 SAPSCORE 112 S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 EA-APPL 600 EA-APPL 602 EA-APPL 603 EA-APPL 604 EA-APPL 605 EA-APPL 606 EA-APPL 616 EA-APPL 617 FI-CAX 602 FI-CAX 603 FI-CAX 604 FI-CAX 605 FI-CAX 606 FI-CAX 616 FI-CAX 617 FI-CAX 618 FI-CAX 800 FI-CAX 801 FI-CAX 802
2655294 SCM-BAS-INT-EXT Missing Authorization check in SCM BAPIs 5.3 Medium 2021-10 2021/10/12 Program error ABAP S4CORE 101 S4CORE 102 S4CORE 103 SAPSCORE 114 SAPSCORE 115 SCM 700 SCM 701 SCM 702 SCM 712 SCMAPO 713 SCMAPO 714 SCM_BASIS 510 SCM_BASIS 700 SCM_BASIS 701 SCM_BASIS 702 SCM_BASIS 712 SCM_BASIS 713 SCM_BASIS 714
3068582 FI-LOC-FI-FR [CVE-2021-38164] Missing Authorization check in in SAP ERP Financial Accounting / RFOPENPOSTING_FR 5.4 Medium 2021-09 2021/09/14 Program error ABAP S4CORE 100 S4CORE 101 S4CORE 102 S4CORE 103 S4CORE 104 S4CORE 105 SAPSCORE 125 SAP_APPL 600 SAP_APPL 602 SAP_APPL 603 SAP_APPL 604 SAP_APPL 605 SAP_APPL 606 SAP_APPL 616 SAP_FIN 617 SAP_FIN 618 SAP_FIN 700 SAP_FIN 720 SAP_FIN 730
ABEX logo

SecurityBridge helps in prioritizing SAP patches, updates and the remediation strategies essential for preventing the disruption of vital business systems. We help businesses in making their SAP systems more secure.

SecurityBridge

© Copyright 2024 by SecurityBridge GmbH

v35.0