SAP Business Analytics and SAP Content Management Missing Authorization Check Vulnerability
Vulnerability
A vulnerability exists in SAP Business Analytics and SAP Content Management due to a missing authorization check. This flaw allows an authenticated user to make unauthorized calls to certain remote function modules, potentially accessing sensitive information beyond their assigned permissions. The vulnerability impacts confidentiality but does not affect integrity or availability.
Impact
Exploitation of this vulnerability could lead to unauthorized access to sensitive information, violating confidentiality by allowing users to access data or functions they are not permitted to.
Remediation
Users are advised to consult the SAP Security Notes for guidance on addressing this vulnerability. SAP Security Notes can be accessed through the SAP for Me platform, specifically on the SAP Security Patch Day.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.