Missing Authorization Check in SAP Strategic Enterprise Management (Balanced Scorecard...

4.3 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Description

Due to missing authorization check in SAP Strategic Enterprise Management (Balanced Scorecard in Business Server Pages), an authenticated attacker could access information that they are otherwise unauthorized to view. This leads to low impact on confidentiality and no effect on integrity or availability.

Basic Information

ID CVE-2026-24327

Source sap

Published Feb 10, 2026 at 03:04

Affected Product

Vendor SAP_SE

Product SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application)

Version SEM-BW 600

Affected Versions SAP_SE SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application) SEM-BW 600
SAP_SE SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application) 602
SAP_SE SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application) 603
SAP_SE SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application) 604
SAP_SE SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application) 605
SAP_SE SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application) 634
SAP_SE SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application) 700
SAP_SE SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application) 736
SAP_SE SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application) 746
SAP_SE SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application) 747
SAP_SE SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application) 748
SAP_SE SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application) 800

CWE Classification

CWE-862

References

{
    "lastseen": "",
    "description": "Due to missing authorization check in SAP Strategic Enterprise Management (Balanced Scorecard in Business Server Pages), an authenticated attacker could access information that they are otherwise unauthorized to view. This leads to low impact on confidentiality and no effect on integrity or availability.",
    "published": "2026-02-10T03:04:46.790Z",
    "modified": "2026-02-10T03:04:46.790Z",
    "type": "cve",
    "title": "Missing Authorization Check in SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application)",
    "source": "sap",
    "references": "https://me.sap.com/notes/3680390\nhttps://url.sap/sapsecuritypatchday",
    "id": "CVE-2026-24327",
    "bulletinFamily": "",
    "cwe": [
        "CWE-862"
    ],
    "cvelist": null,
    "sourceData": "SAP_SE SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application) SEM-BW 600\nSAP_SE SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application) 602\nSAP_SE SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application) 603\nSAP_SE SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application) 604\nSAP_SE SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application) 605\nSAP_SE SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application) 634\nSAP_SE SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application) 700\nSAP_SE SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application) 736\nSAP_SE SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application) 746\nSAP_SE SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application) 747\nSAP_SE SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application) 748\nSAP_SE SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application) 800",
    "sourceHref": "",
    "cvss": {
        "score": 4.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application)",
    "version": "SEM-BW 600",
    "vendor": "SAP_SE",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Missing Authorization Check in SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application)_CVE-2026-24327