Unauthenticated User Can Modify SAP Financial Consolidation Maintenance System Message
CVE-2022-26104 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
SAP Financial Consolidation - version 10.1, does not perform necessary authorization checks for updating homepage messages, resulting for an unauthorized user to alter the maintenance system message.
Learn more about our User Device Pen Test.