SAP S/4HANA application Project Management (PPM-PRO) allows an attacker with high privileges to execute crafted database queries, exposing the backend database. This results in low impact on confidentiality, with no impact on integrity and availability of the application.
History

Tue, 14 Jul 2026 01:00:00 +0000

Type Values Removed Values Added
Description SAP S/4HANA application Project Management (PPM-PRO) allows an attacker with high privileges to execute crafted database queries, exposing the backend database. This results in low impact on confidentiality, with no impact on integrity and availability of the application.
Title SQL Injection vulnerability in SAP S/4HANA Project Management (PPM-PRO)
Weaknesses CWE-89
References
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:L'}


cve-icon MITRE

Status: PUBLISHED

Assigner: sap

Published:

Updated: 2026-07-14T00:21:07.573Z

Reserved: 2026-05-07T18:39:44.147Z

Link: CVE-2026-44769

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.