Home
MEDIUM: 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NDefault status
unaffected
S4CORE 102
affected
103
affected
104
affected
105
affected
106
affected
107
affected
108
affected
109
affected
Description
SAP Create Single Payment does not perform necessary authorization checks for an authenticated user, a restricted user could access specific entity set keys resulting in disclosure of information. This has low impact on confidentiality, with no impact on integrity and availability of the application.
Problem types
CWE-862: Missing Authorization
Product status
S4CORE 102
103
104
105
106
107
108
109