CVE-2018-2403

Name of the Vulnerable Software and Affected Versions SAP Disclosure Management version 10.1

Description The issue allows an attacker to access restricted information under certain conditions. An authorized user can manipulate SAP Disclosure Management to point a specific chapter type to a chapter they do not have access to.

Recommendations For SAP Disclosure Management version 10.1, consider restricting access to chapter types to prevent unauthorized access to restricted information. As a temporary workaround, review and limit user permissions to ensure that users can only access chapters they are authorized to view.