CVE-2025-27433
published 2025-03-11CVE-2025-27433: The Manage Bank Statements in SAP S/4HANA allows authenticated attacker to bypass certain functionality restrictions of the application and upload files to a…
medium4.3CVSS 3.1
AVNACLPRLUINSUCNILAN
The Manage Bank Statements in SAP S/4HANA allows authenticated attacker to bypass certain functionality restrictions of the application and upload files to a reversed bank statement. This vulnerability has a low impact on the application's integrity, with no effect on confidentiality and availability of the application.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| msrc | azl3_hyperv-daemons_6.6.22.1-2_on_azure_linux_3.0 | — | — |
| msrc | azl3_hyperv-daemons_6.6.35.1-1_on_azure_linux_3.0 | — | — |
| msrc | azure_linux_3.0_arm | — | — |
| msrc | azure_linux_3.0_x64 | — | — |
| sap_se | sap_s_4hana | — | — |
| sap_se | sap_s_4hana | — | — |