Primary

Context

SAP S/4HANA Missing Authorization Check Vulnerability Allowing Unauthorized File Deletion

Vulnerability

A vulnerability exists in SAP S/4HANA (Private Cloud and On-Premise) due to a missing authorization check. This flaw allows an authenticated user to delete files on the operating system, gaining unauthorized control over file operations. While this vulnerability could lead to no impact on confidentiality, it poses a low risk to the integrity and availability of the application.

Impact

Exploitation of this vulnerability could result in unauthorized file deletion on the operating system, allowing for potential disruption of application availability and integrity.

Remediation

Users are advised to consult the SAP Security Notes for guidance on addressing this vulnerability. SAP Security Notes can be accessed through the SAP for Me platform, specifically on the SAP Security Patch Day.

Added: Apr 14, 2026, 12:28 AM

Updated: Apr 14, 2026, 12:28 AM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

1.7

exploitability

4.9

remediation

0.0

relevance

5.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

1.7

exploitability

4.9

remediation

0.0

relevance

5.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SAP S/4HANA Missing Authorization Check Vulnerability Allowing Unauthorized File Deletion

Vulnerability

Impact

Remediation

Affected Products

SAP S/4HANA

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating