SAP MDG Review Match Groups Application Privilege Escalation Vulnerability

A vulnerability in SAP Master Data Governance (MDG) within the Review Match Groups Application has been identified, where the application fails to implement proper authorization checks for authenticated users. This oversight could enable a low-privileged user to execute actions that are typically restricted, leading to unauthorized privilege escalation. While this vulnerability has a low impact on data integrity, it does not affect confidentiality or availability.

Impact

Exploitation of this vulnerability could allow low-privileged users to escalate privileges and perform actions reserved for higher-privileged users.

Remediation

Users are advised to consult the SAP Security Notes for guidance on addressing this vulnerability. SAP Security Notes can be accessed through the SAP for Me platform, specifically in the 'Security Notes' section. It is recommended to implement these security corrections as a priority.