- Description
- When creating a journal entry template in SAP S/4HANA (Manage Journal Entry Template) - versions S4CORE 104, 105, 106, 107, an attacker could intercept the save request and change the template, leading to an impact on confidentiality and integrity of the resource. Furthermore, a standard template could be deleted, hence making the resource temporarily unavailable.
- Source
- cna@sap.com
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 7.3
- Impact score
- 3.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
- Severity
- HIGH
- cna@sap.com
- CWE-732
- nvd@nist.gov
- NVD-CWE-Other
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:s4core:104:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "964023CE-6EA4-42BB-93B2-DCE6B36D3F89"
},
{
"criteria": "cpe:2.3:a:sap:s4core:105:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "84B775EF-6C11-4FAB-B5E7-8F6C4C5674BE"
},
{
"criteria": "cpe:2.3:a:sap:s4core:106:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "14D17245-5B6D-4024-AFA6-8E0A70B294BF"
},
{
"criteria": "cpe:2.3:a:sap:s4core:107:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5DEFABE8-1797-4C7B-941C-3205AE90914B"
}
],
"operator": "OR"
}
]
}
]