CVE-2025-42876
09.12.2025, 16:17
Due to a Missing Authorization Check vulnerability in SAP S/4 HANA Private Cloud (Financials General Ledger), an authenticated attacker with authorization limited to a single company code could read sensitive data and post or modify documents across all company codes. Successful exploitation could result in a high impact to confidentiality and a low impact to integrity, while availability remains unaffected.
Awaiting analysis
This vulnerability is currently awaiting analysis.
Common Weakness Enumeration
Vulnerability Media Exposure