In some SAP standard roles, in SAP_ABA versions, 7.00 to 7.02, 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50, 75C to 75D, a transaction code reserved for customer is used. By implementing such transaction code a malicious user may execute unauthorized transaction functionality.

Related CVEs

CVE-2018-2481

Key Information

GHSA ID

GHSA-26pg-vhv9-6fgm

Published

May 13, 2022 1:51 AM

Last Modified

May 13, 2022 1:51 AM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: September 6, 2025 6:30 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.