Primary

Context

SAP ABAP Systems Authorization Check Vulnerability in Remote-Enabled Function Modules

Vulnerability

A vulnerability exists in ABAP-based SAP systems where a remote-enabled function module fails to implement necessary authorization checks for authenticated users. This oversight leads to unauthorized disclosure of system information. While this vulnerability has a low impact on confidentiality, it does not affect integrity or availability.

Impact

Exploitation of this vulnerability allows for unauthorized information disclosure from the affected system.

Remediation

Users are advised to consult the SAP Security Notes for guidance on addressing this vulnerability. SAP Security Notes can be accessed through the SAP for Me platform, where users can find the complete list of all SAP Security Notes. It is recommended to implement these security corrections as a priority.

Added: Feb 10, 2026, 7:42 AM

Updated: Feb 10, 2026, 7:42 AM

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

0.6

exploitability

4.9

remediation

0.0

relevance

2.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

0.6

exploitability

4.9

remediation

0.0

relevance

2.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SAP ABAP Systems Authorization Check Vulnerability in Remote-Enabled Function Modules

Vulnerability

Impact

Remediation

Affected Products

SAP ABAP

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating