Vulnerability Description
Cash Management in SAP S/4 HANA does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. By exploiting this vulnerability, attacker can add notes in the review request with 'completed' status affecting the integrity of the application. Confidentiality and Availability are not impacted.
CVSS Score
MEDIUM
Related Weaknesses (CWE)
References
- https://me.sap.com/notes/3427178
- https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?an
- https://me.sap.com/notes/3427178
- https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?an
FAQ
What is CVE-2024-30216?
CVE-2024-30216 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cash Management in SAP S/4 HANA does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. By exploiting this vulnerability, attacker can add not...
How severe is CVE-2024-30216?
CVE-2024-30216 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-30216?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.