CVE-2022-26104

Description

SAP Financial Consolidation - version 10.1, does not perform necessary authorization checks for updating homepage messages, resulting for an unauthorized user to alter the maintenance system message.

Affected products

• SAP_SE / SAP Financial Consolidation< 10.1 – < 10.1

References

• MISChttps://dam.sap.com/mac/embed/public/pdf/a/ucQrx6G.htm?rc=10
• MISChttps://launchpad.support.sap.com/#/notes/3144941