Manage Substitutions – Products and Manage Exclusions – Products does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
Some well-known impacts of Missing Authorization check are –
- abuse functionality restricted to a particular user group
- modify restricted data
Available fix and Supported packages
- S4CORE | 105 | 105
- | SAPK-S4CLOUD_2011 |
- S4CORE 105 | SAPK-10501INS4CORE |
ATP: Master Data Substitution
Exploit is not available.
For detailed information please contact the mail [email protected]