← Back

CVE-2026-0486

nvd nist
Published: Feb 10, 2026Modified: Feb 17, 2026

JSON object

Loading...
4.3
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Exploitability: 2.8 / Impact: 1.4
Source: NVD

Description

In ABAP based SAP systems a remote enabled function module does not perform necessary authorization checks for an authenticated user resulting in disclosure of system information.This has low impact on confidentiality. Integrity and availability are not impacted.

Affected (4)

Sap
1 product
Solution Tools Plug In
Configuration A
4 vulnerable
Vulnerable SoftwareAffected Versions
Sap
Solution Tools Plug In
Version 2005_1_700
Solution Tools Plug In
Version 2008_1_710
Solution Tools Plug In
Version 740
Solution Tools Plug In
Version 758

Related CWEs

CWE-862
Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

References (2)

Source: cna@sap.com
Permissions Required
Source: cna@sap.com
Vendor Advisory

Timeline

No history available yet.