CVE-2019-0243

Summary

Under some circumstances, masterdata maintenance in SAP BW/4HANA (fixed in DW4CORE version 1.0 (SP08)) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP BW/4HANA (DW4CORE)< 1.0 (SP08)affected

Weaknesses

  • Missing Authorization Check

ADP Enrichment

CVE Program Container

Additional References

References