| CVE编号 | CVE-2025-27436 |
|---|---|
| 发布日期 | 2025-03-11T00:39:14.372Z |
| 更新日期 | 2025-03-11T02:03:20.832Z |
| 状态 | PUBLISHED |
| 受影响的供应商 | SAP_SE |
| 受影响的产品 | SAP S/4HANA (Manage Bank Statements) |
| 描述 | The Manage Bank Statements in SAP S/4HANA does not perform required access control checks for an authenticated user to confirm whether a request to interact with a resource is legitimate, allowing the attacker to delete the attachment of a posted bank statement. This leads to a low impact on integrity, with no impact on the confidentiality of the data or the availability of the application. |
参考链接:
