CVE-2026-0484

Published Feb 10, 2026

Last updated 15 days ago

CVSS medium 6.5

Overview

Description: Due to missing authorization check in SAP NetWeaver Application Server ABAP and SAP S/4HANA, an authenticated attacker could access a specific transaction code and modify the text data in the system. This vulnerability has a high impact on integrity of the application with no effect on the confidentiality and availability.
Source: cna@sap.com
NVD status: Analyzed
Products: sap_basis

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.5
Impact score: 3.6
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Severity: MEDIUM

Weaknesses

cna@sap.com: CWE-601
nvd@nist.gov: CWE-862

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:sap:sap_basis:700:*:*:*:*:*:*:*",
            "matchCriteriaId": "85616273-040E-49CB-8EB6-D2D4D7B603E5",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:sap:sap_basis:701:*:*:*:*:*:*:*",
            "matchCriteriaId": "C5F2C3A9-DCC0-4FF1-8E68-9EA150E209F6",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:sap:sap_basis:702:*:*:*:*:*:*:*",
            "matchCriteriaId": "6F774A45-2A9F-4873-A5DC-766D030C8CCD",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:sap:sap_basis:731:*:*:*:*:*:*:*",
            "matchCriteriaId": "D3A0A2D6-9259-4A35-A236-F4BEE986C1FD",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:sap:sap_basis:740:*:*:*:*:*:*:*",
            "matchCriteriaId": "49C3A8E5-FA6A-4EF3-BF50-FD4E1576024F",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:sap:sap_basis:750:*:*:*:*:*:*:*",
            "matchCriteriaId": "ABA8AB4E-3FE6-46A8-847E-660C5DF6CE71",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:sap:sap_basis:751:*:*:*:*:*:*:*",
            "matchCriteriaId": "6DA4A6F0-C0F1-42CB-8BBD-7198064733EA",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:sap:sap_basis:752:*:*:*:*:*:*:*",
            "matchCriteriaId": "8C121CC9-26F6-4103-8EB0-BAFF6B5B5FE8",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:sap:sap_basis:753:*:*:*:*:*:*:*",
            "matchCriteriaId": "86086D00-10BF-4C55-8D87-82CCBE468153",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:sap:sap_basis:754:*:*:*:*:*:*:*",
            "matchCriteriaId": "2F25246A-D9E5-4F0D-B91A-478D4E5570DB",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:sap:sap_basis:755:*:*:*:*:*:*:*",
            "matchCriteriaId": "0218695F-C4AD-46BF-B176-F10C644A9C2D",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:sap:sap_basis:756:*:*:*:*:*:*:*",
            "matchCriteriaId": "FC9E7C3E-1005-450A-9198-E014C1BAADBC",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:sap:sap_basis:757:*:*:*:*:*:*:*",
            "matchCriteriaId": "3A177AB1-CC85-46EF-91DF-462096608C9F",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:sap:sap_basis:758:*:*:*:*:*:*:*",
            "matchCriteriaId": "F7591F81-708C-4285-9BB2-F2B4BDB9759B",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:sap:sap_basis:816:*:*:*:*:*:*:*",
            "matchCriteriaId": "EF7825FC-2F0F-4096-BE41-67B4DCC4F7DE",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References