CNNVD-202507-803 Information
CNNVD ID
CNNVD-202507-803
Related CVE
- CNNVD Published: 2025-07-08
Description (Chinese)
SAP Business Warehouse和SAP BW/4HANA BEx Tools都是德国思爱普(SAP)公司的产品。SAP Business Warehouse是用于执行业务流程的关键组件,它允许用户设计、实施和管理业务流程,确保流程的合规性,并通过自动化减少手动操作的需要。SAP BW/4HANA BEx Tools是一款分析语报表工具。 SAP Business Warehouse和SAP BW/4HANA BEx Tools存在安全漏洞,该漏洞源于授权检查不当,可能导致攻击者获得高于预期的访问级别。
Description (English)
SAP Business Warehouse and SAP BW/4HANA BEX Tools are products of SAP Germany. SAP Business Wayhouse is a key component for the implementation of business processes that allows users to design, implement and manage business processes, ensures process compliance and reduces the need for manual operations through automation. SAP BW/4HANA BEx Tools is an analytical language reporting tool. There is a security gap between SAP Business Warehouse and SAP BW/4HANA Bex Tools, which stems from inadequate authorization checks and may lead to a higher-than-anticipated level of access for the attackers.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
思爱普
Published
2025-07-08
Last Modified
2026-02-24
References
https://me.sap.com/notes/3608991 https://url.sap/sapsecuritypatchday
Patch
https://support.sap.com/en/my-support/knowledge-base/security-notes-news/july-2025.html
Share on: