Sap S 4Hana Project Management Ppm Pro
Monthly
SQL injection in SAP S/4HANA Project Management (PPM-PRO) allows a high-privileged authenticated attacker to execute crafted database queries, exposing backend database contents. The vulnerability is reachable over the network but requires both high attack complexity and high privilege level, significantly constraining the realistic attacker pool. No public exploit or active exploitation has been identified at time of analysis, and the CVSS base score of 5.5 reflects these mitigating factors despite the potential for database exposure.
SQL injection in SAP S/4HANA Project Management (PPM-PRO) allows a high-privileged authenticated attacker to execute crafted database queries, exposing backend database contents. The vulnerability is reachable over the network but requires both high attack complexity and high privilege level, significantly constraining the realistic attacker pool. No public exploit or active exploitation has been identified at time of analysis, and the CVSS base score of 5.5 reflects these mitigating factors despite the potential for database exposure.