SAP S/4HANA Finance for (Advanced Payment Management) - versions SAPSCORE 128, S4CORE 107, does not perform necessary authorization checks. A function import could be triggered allowing the attacker to create in-house bank accounts leading to low impact on the confidentiality of the application.

Related CVEs

CVE-2024-21736

Key Information

GHSA ID

GHSA-f8g9-xx53-mgmc

Published

January 9, 2024 3:30 AM

Last Modified

January 9, 2024 3:30 AM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: September 8, 2025 6:31 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.