1. Home
  2. CVE Database
  3. CVE-2026-40133
MEDIUM · 6.3

CVE-2026-40133

Due to missing authorization check in SAP S/4HANA Condition Maintenance, an authenticated attacker could gain unauthorized access to view and modify condition table records, resulting in low impact on...

Vulnerability Description

Due to missing authorization check in SAP S/4HANA Condition Maintenance, an authenticated attacker could gain unauthorized access to view and modify condition table records, resulting in low impact on the confidentiality and integrity of the data. Additionally, this vulnerability may prevent the legitimate user from accessing the records, causing low impact on application availability.

CVSS Score

6.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
LOW
Availability
LOW

Related Weaknesses (CWE)

CWE-862

References

FAQ

What is CVE-2026-40133?

CVE-2026-40133 is a vulnerability with a CVSS score of 6.3 (MEDIUM). Due to missing authorization check in SAP S/4HANA Condition Maintenance, an authenticated attacker could gain unauthorized access to view and modify condition table records, resulting in low impact on...

How severe is CVE-2026-40133?

CVE-2026-40133 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-40133?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.