Home
MEDIUM: 5.5 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:LDefault status
unaffected
SAP_APPL 600
affected
602
affected
603
affected
604
affected
605
affected
606
affected
617
affected
618
affected
S4CORE 102
affected
103
affected
104
affected
105
affected
106
affected
107
affected
108
affected
CPRXRPM 400
affected
450_700
affected
500_702
affected
610_740
affected
Description
SAP S/4HANA application Project Management (PPM-PRO) allows an attacker with high privileges to execute crafted database queries, exposing the backend database. This results in low impact on confidentiality, with no impact on integrity and availability of the application.
Problem types
CWE-89: Improper Neutralization of Special Elements used in an SQL Command
Product status
SAP_APPL 600
602
603
604
605
606
617
618
S4CORE 102
103
104
105
106
107
108
CPRXRPM 400
450_700
500_702
610_740