CVE-2026-44750

Summary

SAP MDG (Review Match Groups Application) does not perform the necessary authorization checks for authenticated users. This could allow a low-privileged user to perform actions that would otherwise be restricted, resulting in escalation of privileges. This has a low impact on integrity, while confidentiality and availability are not impacted.

Affected Software

VendorProductVersion RangeStatus
SAP_SESAP MDG (Review Match Groups Application)S4CORE 108affected
SAP_SESAP MDG (Review Match Groups Application)SAP_BASIS 916affected
SAP_SESAP MDG (Review Match Groups Application)SAP_BASIS 917affected
SAP_SESAP MDG (Review Match Groups Application)SAP_ABA 816affected

Weaknesses

  • CWE-862: CWE-862: Missing Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References