Inadequate Authorization Check in SAP Banking Services: Privilege Escalation Vulnerability

CVE-2019-0276 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Banking services from SAP 9.0 (FSAPPL version 5) and SAP S/4HANA Financial Products Subledger (S4FPSL, version 1) performs an inadequate authorization check for an authenticated user, potentially resulting in escalation of privileges.

Learn more about our User Device Pen Test.