HIGHCVE-2026-0511Published 2026-01-13Modified 2026-02-26CNA sap

CVE-2026-0511: Multiple vulnerabilities in SAP Fiori App (Intercompany Balance Reconciliation)

SAP Fiori App Intercompany Balance Reconciliation does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has high impact on confidentiality and integrity of the application ,availability is not impacted.

CVSS v3.1: 8.1
Severity: HIGH
Fixed in: —
Affected Products: 1

Affected packages

SAP_SE / SAP Fiori App (Intercompany Balance Reconciliation)
UIAPFI70 500 · 600 · 700 · 800 · 900 · 901

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

References

me.sap.com
url.sap

Metrics