Information Disclosure vulnerability in SAP Fiori App (Intercompany Balance Reconciliation)

4.3 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Description

Under certain conditions SAP Fiori App Intercompany Balance Reconciliation application allows an attacker to access information which would otherwise be restricted. This has low impact on confidentiality of the application, integrity and availability are not impacted.

Basic Information

ID CVE-2026-0494

Source sap

Published Jan 13, 2026 at 01:13

Affected Product

Vendor SAP_SE

Product SAP Fiori App (Intercompany Balance Reconciliation)

Version UIAPFI70 500

Affected Versions SAP_SE SAP Fiori App (Intercompany Balance Reconciliation) UIAPFI70 500
SAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 600
SAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 700
SAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 800
SAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 900
SAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 901
SAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 902
SAP_SE SAP Fiori App (Intercompany Balance Reconciliation) UIS4H 109

CWE Classification

CWE-497

References

{
    "lastseen": "",
    "description": "Under certain conditions SAP Fiori App Intercompany Balance Reconciliation application allows an attacker to access information which would otherwise be restricted. This has low impact on confidentiality of the application, integrity and availability are not impacted.",
    "published": "2026-01-13T01:13:14.370Z",
    "modified": "2026-01-13T01:13:14.370Z",
    "type": "cve",
    "title": "Information Disclosure vulnerability in SAP Fiori App (Intercompany Balance Reconciliation)",
    "source": "sap",
    "references": "https://me.sap.com/notes/3655227\nhttps://url.sap/sapsecuritypatchday",
    "id": "CVE-2026-0494",
    "bulletinFamily": "",
    "cwe": [
        "CWE-497"
    ],
    "cvelist": null,
    "sourceData": "SAP_SE SAP Fiori App (Intercompany Balance Reconciliation) UIAPFI70 500\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 600\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 700\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 800\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 900\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 901\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 902\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) UIS4H 109",
    "sourceHref": "",
    "cvss": {
        "score": 4.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "SAP Fiori App (Intercompany Balance Reconciliation)",
    "version": "UIAPFI70 500",
    "vendor": "SAP_SE",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Information Disclosure vulnerability in SAP Fiori App (Intercompany Balance Reconciliation)_CVE-2026-0494