Sap: >> S/4hana >> 108 Security Vulnerabilities
An authenticated attacker in SAP CRM and SAP S/4HANA (Scripting Editor) could exploit a flaw in a generic function module call and execute unauthorized critical functionalities, which includes the ability to execute an arbitrary SQL statement. This leads to a full database compromise with high impact on confidentiality, integrity, and availability.
CVSS Score
9.9
EPSS Score
0.0
Published
2026-02-10
Due to improper authorization check, business users who are using Israeli File from SHAAM program (/ATL/VQ23 transaction), are granted more than needed authorization to perform certain transaction, which may lead to users getting access to data that would otherwise be restricted.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-06-14