SAP S/4HANA Condition Maintenance Missing Authorization Check Vulnerability

A vulnerability exists in SAP S/4HANA Condition Maintenance due to a missing authorization check. This flaw allows authenticated attackers to gain unauthorized access to view and modify condition table records. The vulnerability has a low impact on data confidentiality and integrity, and it may also disrupt access for legitimate users, causing a low impact on application availability.

Impact

Exploitation of this vulnerability could lead to unauthorized access and modification of condition table records, with a low impact on data confidentiality and integrity. Additionally, the vulnerability may cause availability issues for legitimate users by disrupting their access to the records.

Remediation

Users are advised to consult the SAP Security Notes for guidance on addressing this vulnerability. SAP Security Notes can be accessed through the SAP for Me platform, where users can find a complete list of security updates and patches. It is recommended to implement these corrections as a priority.