PT-2023-27547 · S4Core · S4Core

Published: 2023-09-11 · Updated: 2023-09-13 · CVE-2023-40625

CVSS v3.1: 5.4 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: S4CORE (Manage Purchase Contracts App) versions 102 through 107

Description: The issue is related to the lack of necessary authorization checks for authenticated users, which could allow an attacker to perform unintended actions, resulting in escalation of privileges. This has a low impact on confidentiality and integrity, with no impact on the availability of the system.

Recommendations: For versions 102 through 107, update to a version that includes the necessary authorization checks to prevent unintended actions and escalation of privileges. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Missing Authorization

Weakness Enumeration

Related Identifiers: CVE-2023-40625

Affected Products: S4Core