SAP ABAP Platform Missing Authorization Check Vulnerability Allowing Unauthorized Database Access

Vulnerability

A vulnerability exists in the SAP ABAP Platform due to a missing authorization check. This flaw allows an authenticated user with elevated privileges to bypass authorization restrictions for common transactions by using the SQL Console. Exploitation could allow that user to read database table contents without proper authorization, significantly compromising data confidentiality. The system's integrity and availability remain unaffected.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive data in database tables, creating a risk of data leakage or misuse.

Remediation

Users are advised to review and implement the SAP Security Note associated with this vulnerability. The note can be obtained through the SAP for Me platform as part of the monthly SAP Security Patch Day.

Added: Aug 12, 2025, 3:42 AM
Updated: Aug 12, 2025, 3:42 AM

Vulnerability Rating

Custom Algorithm

spread: 5.7
impact: 2.5
exploitability: 4.4
remediation: 8.3
relevance: 0.3
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.