OData Service Vulnerability: Checkbook Name Manipulation in S4 HANA (Manage Checkbook Apps)

OData Service Vulnerability: Checkbook Name Manipulation in S4 HANA (Manage Checkbook Apps)

CVE-2023-41368 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

The OData service of the S4 HANA (Manage checkbook apps) - versions 102, 103, 104, 105, 106, 107, allows an attacker to change the checkbook name by simulating an update OData call.

Learn more about our Web Application Penetration Testing UK.