5
CVE-2026-0486
- EPSS 0.03%
- Veröffentlicht 10.02.2026 03:00:59
- Zuletzt bearbeitet 17.02.2026 16:11:29
- Quelle cna@sap.com
- CVE-Watchlists
- Unerledigt
LoginIn ABAP based SAP systems a remote enabled function module does not perform necessary authorization checks for an authenticated user resulting in disclosure of system information.This has low impact on confidentiality. Integrity and availability are not impacted.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SAP ≫ Solution Tools Plug-in Version740
SAP ≫ Solution Tools Plug-in Version758
SAP ≫ Solution Tools Plug-in Version2005_1_700
SAP ≫ Solution Tools Plug-in Version2008_1_710
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.097 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
|
| cna@sap.com | 5 | 3.1 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
|
CWE-862 Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.