SAP Fiori App Intercompany Balance Reconciliation Cross-Site Request Forgery Vulnerability
Vulnerability
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the SAP Fiori App Intercompany Balance Reconciliation. This vulnerability allows an attacker to perform state-changing actions by exploiting an inappropriate request type. Such a deviation from expected request semantics could enable the attacker to trigger unintended actions on behalf of an authenticated user, potentially causing a low impact on the system's integrity.
Impact
Exploitation of this vulnerability could lead to unauthorized state-changing actions being performed on behalf of an authenticated user, causing a low impact on the system's integrity.
Remediation
Users are advised to consult the SAP Security Notes for guidance on addressing this vulnerability. SAP Security Notes can be accessed through the SAP for Me platform, specifically on the SAP Security Patch Day.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.