Home

Description

Under certain conditions SAP Fiori App Intercompany Balance Reconciliation application allows an attacker to access information which would otherwise be restricted. This has low impact on confidentiality of the application, integrity and availability are not impacted.

PUBLISHED Reserved 2025-12-09 | Published 2026-01-13 | Updated 2026-01-13 | Assigner sap




MEDIUM: 4.3CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Problem types

CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere

Product status

Default status
unaffected

UIAPFI70 500
affected

600
affected

700
affected

800
affected

900
affected

901
affected

902
affected

UIS4H 109
affected

References

me.sap.com/notes/3655227

url.sap/sapsecuritypatchday

cve.org (CVE-2026-0494)

nvd.nist.gov (CVE-2026-0494)

Download JSON