PT-2024-22121 · Sap · Sap Abap Platform
Published: 2024-03-11 · Updated: 2024-03-12 · CVE-2024-27900
CVSS v3.1: 5.3 (Medium)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions
SAP ABAP Platform versions 758, 795
Description
The issue is due to a missing authorization check that allows an attacker with a business user account to change the privacy setting of job templates from shared to private, making the selected template accessible only to its owner.
Recommendations
For version 758, update to a version that includes the necessary authorization checks to prevent unauthorized changes to job template privacy settings.
For version 795, apply the same update as for version 758 to ensure proper authorization checks are in place.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Missing Authorization
Weakness Enumeration
Related Identifiers
Affected Products
Sap Abap Platform