CNNVD-202601-2332 Information
CNNVD ID
CNNVD-202601-2332
Related CVE
- CNNVD Published: 2026-01-13
Description (Chinese)
SAP S/4HANA Private Cloud and On-Premise是德国思爱普(SAP)公司的一个服务本地部署方案。 SAP S/4HANA Private Cloud and On-Premise存在SQL注入漏洞,该漏洞源于输入验证不足,可能导致已验证用户执行特制SQL查询以读取、修改和删除后端数据库数据,对应用程序机密性、完整性和可用性造成高影响。
Description (English)
SAP S/4HANA Private Cloud and On-Premise is a local deployment programme for services provided by SAP Germany. SAP S/4HANA Private Cloud and On-Premise had an injection loophole in SQL, which stemmed from inadequate input validation, which could lead to verified users performing customized SQL queries to read, modify and delete back-end database data, with a high impact on the confidentiality, integrity and availability of applications.
Hazard Level
Low
Vulnerability Type
SQL注入
Affected Vendor
思爱普
Published
2026-01-13
Last Modified
2026-02-24
References
https://me.sap.com/notes/3687749 https://url.sap/sapsecuritypatchday
Patch
https://url.sap/sapsecuritypatchday
Share on: