CVE-2026-23683

Summary

SAP Fiori App Intercompany Balance Reconciliation does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has low impact on confidentiality, integrity and availability are not impacted.

Affected Software

VendorProductVersion RangeStatus
SAP_SESAP Fiori App (Intercompany Balance Reconciliation)S4CORE 102affected
SAP_SESAP Fiori App (Intercompany Balance Reconciliation)103affected
SAP_SESAP Fiori App (Intercompany Balance Reconciliation)104affected
SAP_SESAP Fiori App (Intercompany Balance Reconciliation)105affected
SAP_SESAP Fiori App (Intercompany Balance Reconciliation)106affected

Weaknesses

  • CWE-862: CWE-862: Missing Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References