Privilege Escalation Vulnerability in SAP Enterprise Financial Services

Privilege Escalation Vulnerability in SAP Enterprise Financial Services

CVE-2018-2454 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

SAP Enterprise Financial Services, versions 6.05, 6.06, 6.16, 6.17, 6.18, 8.0 (in business function EAFS_BCA_BUSOPR_2) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.

Learn more about our User Device Pen Test.