Skip to main content

SAP S/4HANA EUVDEUVD-2026-43595

| CVE-2026-44771 MEDIUM
Missing Authorization (CWE-862)
2026-07-14 sap GHSA-jf6p-qvqv-f6g9
4.3
CVSS 3.1 · Vendor: sap
Share

Severity by source

Vendor (sap) PRIMARY
4.3 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
vuln.today AI
4.3 MEDIUM

Network-accessible endpoint, low complexity; PR:L because a valid authenticated session is required; confidentiality-only at low tier with no integrity or availability impact.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (sap).

CVSS VectorVendor: sap

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

2
Analysis Generated
Jul 14, 2026 - 01:21 vuln.today
CVE Published
Jul 14, 2026 - 00:21 cve.org
MEDIUM 4.3

DescriptionCVE.org

SAP S/4HANA Draft operation does not perform necessary authorization checks for an authenticated user, a restricted user could access information within the entity resulting in escalation of privileges. This results in low impact on confidentiality, with no impact on integrity and availability of the application.

AnalysisAI

Privilege escalation in SAP S/4HANA's Draft Operation component allows authenticated restricted users to read entity data beyond their authorized scope due to missing authorization checks. The flaw, classified under CWE-862, is exploitable over the network without elevated privileges, resulting in low confidentiality impact with no effect on integrity or availability. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate to SAP S/4HANA as restricted user
Delivery
Identify draft-enabled OData/Fiori entity endpoint
Exploit
Submit draft operation request for unauthorized entity
Execution
Authorization check bypassed by vulnerable handler
Impact
Read confidential draft entity data

Vulnerability AssessmentAI

Exploitation Exploitation requires a valid authenticated session in SAP S/4HANA with at least low-privilege access (PR:L per CVSS vector). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS base score of 4.3 (Medium) accurately reflects the constrained impact: the attack vector is network-accessible (AV:N) with low complexity (AC:L) and requires only low-privilege authentication (PR:L), but scope is unchanged (S:U) and impact is limited strictly to confidentiality at the low tier (C:L/I:N/A:N). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An authenticated SAP S/4HANA user with a restricted role - such as a read-only reporting user or a user with access limited to specific business units - sends a network request to the Draft Operation endpoint for an entity outside their authorized scope. Because authorization checks are absent, the server returns the draft entity data without validating the user's permissions, exposing potentially sensitive business records such as draft purchase orders, financial postings, or HR records. …
Remediation Apply the fix documented in SAP Security Note 3515598 (https://me.sap.com/notes/3515598), which is the authoritative vendor remedy for this authorization gap. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-43595 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy