Security Advisory

CVE-2026-27677

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-14 00:07:22

Last updated 2026-04-14 13:14:18

Assigner sap

State PUBLISHED

Description

Due to missing authorization checks in the SAP S/4HANA OData Service (Manage Reference Equipment), an attacker could update and delete child entities via OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and availability are not impacted.

← Browse all CVEs View on cve.org ↗