CVE-2026-27686

Name of the Vulnerable Software and Affected Versions SAP Business Warehouse (affected versions not specified)

Description A missing authorization check exists in the SAP Business Warehouse Service API. An authenticated attacker could exploit this to perform unauthorized actions through a vulnerable RFC function module. Successful exploitation may allow unauthorized configuration and control changes, potentially leading to disruption of request processing and denial of service. The issue has a low impact on data integrity and a high impact on system availability. Confidentiality is not affected.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.