CVE-2023-32112

Name of the Vulnerable Software and Affected Versions SAP APPL versions 500 through 618 S4CORE version 100

Description The Vendor Master Hierarchy does not perform necessary authorization checks for an authenticated user to access some of its functions. This could lead to modification of data impacting the integrity of the system.

Recommendations For SAP APPL versions 500 through 618, consider restricting access to sensitive functions until a patch is available. For S4CORE version 100, consider implementing additional authorization checks to prevent unauthorized access to sensitive data. As a temporary workaround, consider disabling access to the vulnerable functions in the Vendor Master Hierarchy until a patch is available.