CVE-2023-42473 MEDIUM

CVE-2023-42473: Missing Authorization Check In S/4HANA (Manage Withholding Tax Items)

Vendor Sap_Se
Product S/4HANA (Manage Withholding Tax Items)
Weakness CWE-862 · Missing authorization
Published October 10, 2023
Last update February 27, 2025

CVSS base score

5.4/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

What the vulnerability does

01Description

S/4HANA Manage (Withholding Tax Items) - version 106, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges which has low impact on the confidentiality and integrity of the application.

Key dates

02Disclosure timeline

October 10, 2023 CVE published
February 27, 2025 Record updated

Related vulnerabilities

04Related CVE