PT-2019-4462 · Sap · S4Core+3
Published: 2019-11-12 · Updated: 2020-08-24
CVE-2019-0386
CVSS v2.0: 6.5 (Medium)
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
SAP ERP Sales versions 6.0 through 6.06, 6.16 through 6.18
S4HANA Sales versions 1.0 through 1.04
Description
The issue is caused by insufficient authorization checks in the order processing functionality. It can allow a remote, authenticated attacker to escalate their privileges.
Recommendations
For SAP ERP Sales versions 6.0 through 6.06, 6.16 through 6.18, update to a version that includes the corrections, such as SAP APPL 6.0, 6.02, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18.
For S4HANA Sales versions 1.0 through 1.04, update to a version that includes the corrections, such as S4CORE 1.0, 1.01, 1.02, 1.03, 1.04.
Fix
Incorrect Authorization
Missing Authorization
Related Identifiers
Affected Products
S4Core
S4Hana Sales
Sap Erp Sales
Sap Appl