A vulnerability identified as critical has been detected in SAP Approuter. The affected element is an unknown function of the component OAuth2 Login Flow. Performing a manipulation results in improper authorization.
| Vendor | Product | Versions |
|---|---|---|
| sap | sap approuter | SAP Approuter node.js package < 21.2.0 |
Downstream vendors/products affected by this vulnerability
| Vendor | Product | Source | Confidence |
|---|---|---|---|
| sap | sap software | cert_advisory | 90% |
Updated severity to CRITICAL, marked as actively exploited, and provided a new description with more technical detail.
Initial creation