CVE-2023-40625

Summary

CVE-2023-40625 is a vulnerability affecting S4CORE's Manage Purchase Contracts App, specifically versions 102 to 107. This issue arises due to insufficient authorization checks, granting unintended actions to authenticated users. Consequently, attackers may exploit this vulnerability to escalate privileges, leading to a low impact on system confidentiality and integrity, with no impact on availability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.