Multiple vulnerabilities in SAP Fiori App (Intercompany Balance Reconciliation)

8.1 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Description

SAP Fiori App Intercompany Balance Reconciliation does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has high impact on confidentiality and integrity of the application ,availability is not impacted.

Basic Information

ID CVE-2026-0511

Source sap

Published Jan 13, 2026 at 01:15

Affected Product

Vendor SAP_SE

Product SAP Fiori App (Intercompany Balance Reconciliation)

Version UIAPFI70 500

Affected Versions SAP_SE SAP Fiori App (Intercompany Balance Reconciliation) UIAPFI70 500
SAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 600
SAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 700
SAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 800
SAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 900
SAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 901
SAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 902
SAP_SE SAP Fiori App (Intercompany Balance Reconciliation) S4CORE 102
SAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 103
SAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 104
SAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 105
SAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 106
SAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 107
SAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 108

CWE Classification

CWE-862

References

{
    "lastseen": "",
    "description": "SAP Fiori App Intercompany Balance Reconciliation does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has high impact on confidentiality and integrity of the application ,availability is not impacted.",
    "published": "2026-01-13T01:15:50.942Z",
    "modified": "2026-01-13T01:15:50.942Z",
    "type": "cve",
    "title": "Multiple vulnerabilities in SAP Fiori App (Intercompany Balance Reconciliation)",
    "source": "sap",
    "references": "https://me.sap.com/notes/3565506\nhttps://url.sap/sapsecuritypatchday",
    "id": "CVE-2026-0511",
    "bulletinFamily": "",
    "cwe": [
        "CWE-862"
    ],
    "cvelist": null,
    "sourceData": "SAP_SE SAP Fiori App (Intercompany Balance Reconciliation) UIAPFI70 500\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 600\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 700\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 800\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 900\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 901\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 902\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) S4CORE 102\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 103\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 104\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 105\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 106\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 107\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 108",
    "sourceHref": "",
    "cvss": {
        "score": 8.1,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "SAP Fiori App (Intercompany Balance Reconciliation)",
    "version": "UIAPFI70 500",
    "vendor": "SAP_SE",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Multiple vulnerabilities in SAP Fiori App (Intercompany Balance Reconciliation)_CVE-2026-0511