PT-2025-36548 · Sap · Fiori App Manage Payment Blocks
Published
2025-09-09
·
Updated
2025-09-09
·
CVE-2025-42915
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions:
Fiori app Manage Payment Blocks (affected versions not specified)
Description:
The Fiori app Manage Payment Blocks does not perform the necessary authorization checks. This allows an attacker with basic user privileges to abuse functionalities restricted to specific user groups, potentially impacting the confidentiality and integrity of the application.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Fiori App Manage Payment Blocks