CVE-2026-0496

SAP Fiori App Intercompany Balance Reconciliation allows an attacker with high privileges to upload any file (including script files) without proper file format validation. This has low impact on confidentiality, integrity and availability of the application.

CVSS v3 6.6 MEDIUM

6.6^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.3 / Impact : 3.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope CHANGED

References

Link	Resource
https://me.sap.com/notes/3565506
https://url.sap/sapsecuritypatchday

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) La aplicación SAP Fiori Reconciliación de Saldos Intercompañía permite a un atacante con privilegios elevados subir cualquier archivo (incluyendo archivos de script) sin una validación adecuada del formato de archivo. Esto tiene un bajo impacto en la confidencialidad, integridad y disponibilidad de la aplicación.

13 Jan 2026, 02:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-01-13 02:15

Updated : 2026-06-17 10:10

NVD link : CVE-2026-0496

Mitre link : CVE-2026-0496

CVE.ORG link : CVE-2026-0496

JSON object : View

Products Affected

No product.

CWE

CWE-434

Unrestricted Upload of File with Dangerous Type

{"id": "CVE-2026-0496", "cveTags": [], "metrics": {"ssvcV203": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "ssvcData": {"id": "CVE-2026-0496", "role": "CISA Coordinator", "options": [{"exploitation": "none"}, {"automatable": "no"}, {"technicalImpact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-13T15:15:16.379852Z"}}], "cvssMetricV31": [{"type": "Secondary", "source": "cna@sap.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.6, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 3.7, "exploitabilityScore": 2.3}]}, "affected": [{"source": "cna@sap.com", "affectedData": [{"vendor": "SAP_SE", "product": "SAP Fiori App (Intercompany Balance Reconciliation)", "versions": [{"status": "affected", "version": "UIAPFI70 500"}, {"status": "affected", "version": "600"}, {"status": "affected", "version": "700"}, {"status": "affected", "version": "800"}, {"status": "affected", "version": "900"}, {"status": "affected", "version": "901"}, {"status": "affected", "version": "902"}, {"status": "affected", "version": "S4CORE 102"}, {"status": "affected", "version": "103"}, {"status": "affected", "version": "104"}, {"status": "affected", "version": "105"}, {"status": "affected", "version": "106"}, {"status": "affected", "version": "107"}, {"status": "affected", "version": "108"}], "defaultStatus": "unaffected"}]}], "published": "2026-01-13T02:15:51.990", "references": [{"url": "https://me.sap.com/notes/3565506", "source": "cna@sap.com"}, {"url": "https://url.sap/sapsecuritypatchday", "source": "cna@sap.com"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "cna@sap.com", "description": [{"lang": "en", "value": "CWE-434"}]}], "descriptions": [{"lang": "en", "value": "SAP Fiori App Intercompany Balance Reconciliation allows an attacker with high privileges to upload any file (including script files) without proper file format validation. This has low impact on confidentiality, integrity and availability of the application."}, {"lang": "es", "value": "La aplicaci\u00f3n SAP Fiori Reconciliaci\u00f3n de Saldos Intercompa\u00f1\u00eda permite a un atacante con privilegios elevados subir cualquier archivo (incluyendo archivos de script) sin una validaci\u00f3n adecuada del formato de archivo. Esto tiene un bajo impacto en la confidencialidad, integridad y disponibilidad de la aplicaci\u00f3n."}], "lastModified": "2026-06-17T10:10:50.740", "sourceIdentifier": "cna@sap.com"}