CVE-2026-0494

MEDIUM

SAP Fiori App - Info Disclosure

Title source: llm

Description

Under certain conditions SAP Fiori App Intercompany Balance Reconciliation application allows an attacker to access information which would otherwise be restricted. This has low impact on confidentiality of the application, integrity and availability are not impacted.

References (2)

[Vendor Advisory] https://me.sap.com/notes/3655227

[Vendor Advisory] https://url.sap/sapsecuritypatchday

Scores

CVSS v3 4.3

EPSS 0.0004

EPSS Percentile 12.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-497

Status published

Products (8)

SAP_SE/SAP Fiori App (Intercompany Balance Reconciliation) 600

SAP_SE/SAP Fiori App (Intercompany Balance Reconciliation) 700

SAP_SE/SAP Fiori App (Intercompany Balance Reconciliation) 800

SAP_SE/SAP Fiori App (Intercompany Balance Reconciliation) 900

SAP_SE/SAP Fiori App (Intercompany Balance Reconciliation) 901

SAP_SE/SAP Fiori App (Intercompany Balance Reconciliation) 902

SAP_SE/SAP Fiori App (Intercompany Balance Reconciliation) UIAPFI70 500

SAP_SE/SAP Fiori App (Intercompany Balance Reconciliation) UIS4H 109

Published Jan 13, 2026

Tracked Since Feb 18, 2026