CVE-2026-27673

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score

4.9 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:L                                    

Vulnerability Description

Due to a missing authorization check, SAP S/4HANA (Private Cloud and On-Premise) allows an authenticated user to delete files on the operating system and gain unauthorized control over file operations which could leads to no impact on Confidentiality, Low impact on Integrity and Availability of the application.

Vulnerability Details

Published Date

April 14, 2026

Last Modified

April 14, 2026

CWE ID

CWE-862

Source

NVD

Vendor

SAP_SE

Product

SAP S/4HANA (Private Cloud and On-Premise)

External References

https://me.sap.com/notes/3703813
https://url.sap/sapsecuritypatchday

CVE-2026-27673

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment