SAP Business Planning and Consolidation
0 remedies
cpe:2.3:a:sap:business_planning_and_consolidation:*:*:*:*:*:*:*
0 remedies
SAP Business Planning and Consolidation and SAP Business Warehouse SQL Injection Vulnerability Allowing Data Manipulation
Vulnerability
A vulnerability exists in SAP Business Planning and Consolidation and SAP Business Warehouse due to inadequate authorization checks. This flaw enables authenticated users to execute specially crafted SQL statements that can read, modify, and delete database information. The vulnerability significantly impacts the system's confidentiality, integrity, and availability.
Impact
Exploitation of this vulnerability allows for unauthorized execution of SQL commands, leading to potential unauthorized access to, modification of, or deletion of database information.
Remediation
Users are advised to consult the SAP Security Notes for guidance on applying necessary patches. SAP Security Notes can be accessed through the SAP for Me platform, specifically on SAP Security Patch Days, which occur on the second Tuesday of each month.
Added: Apr 14, 2026, 12:21 AM
Updated: Apr 14, 2026, 12:21 AM
Vulnerability Rating
Custom Algorithm
spread
2.6impact
3.1exploitability
3.5remediation
0.0relevance
5.9threat
0.0urgency
2.9incentive
0.0Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.