Primary

Context

SAP Incentive and Commission Management Authorization Vulnerability Allowing Unauthorized Table Modifications

Vulnerability

A vulnerability exists in the SAP Incentive and Commission Management application due to inadequate authorization checks. This flaw enables authenticated users to call a remote-enabled function module to modify database tables. While the issue poses a low risk to data integrity, it does not affect the application's confidentiality or availability.

Impact

Exploitation of this vulnerability could lead to unauthorized modifications of database tables, potentially allowing for manipulation of application data or business logic.

Remediation

Users are advised to consult the SAP Security Notes for guidance on applying necessary patches. SAP Security Notes can be accessed through the SAP for Me platform, specifically on SAP Security Patch Days, which occur on the second Tuesday of each month.

Added: May 12, 2026, 3:22 AM

Updated: May 12, 2026, 3:22 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

5.2

remediation

0.0

relevance

8.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

5.2

remediation

0.0

relevance

8.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SAP Incentive and Commission Management Authorization Vulnerability Allowing Unauthorized Table Modifications

Vulnerability

Impact

Remediation

Affected Products

SAP Incentive and Commission Management

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating